CIC supports the use of certificates and keys for authentication and for signing, encrypting, and decrypting data. In addition, CIC allows you to generate certificates and keys, import them into a store, and then select them as required for the application at hand. See Managing Keys and Certificates.
Key Authentication
You can use SSH key authentication for SFTP or Partner Mailbox Endpoints.
For SFTP, you select or import a key. Because it is a private key, you are prompted for a key password when importing. See Managing Endpoints and SFTP endpoint for more information.
For a Partner Mailbox, you have the option to use a key or password as the authentication type. However, you must paste the key into a field in the UI instead of selecting or importing a key. See Managing Endpoints and Partner Mailbox endpoint for more information.
Signing, Encrypting, and Decrypting
When you choose to verify signed payloads or accept encrypted payloads for inbound messages, or to sign or encrypt outbound messages, you are prompted to select either a key or a certificate, depending on the Endpoint type you are working with.
Endpoint Type | Certificate or Key |
---|---|
AS2 | Certificates |
FTP(S) | OpenPGP Keys |
SFTP | OpenPGP Keys |
Partner Mailbox | OpenPGP Keys |
OpenPGP Keys | |
File System | N/A |
When you use a key for encrypting outbound or verifying the signature of inbound data, you import or select your partner's public key.
When you use a key for decrypting inbound or signing outbound data, you import or select your own private key. When you import a key for these purposes, CIC prompts you for a key password. However, when you select a private key, CIC does not prompt you for a password.
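The rule above can be checked locally before a key file is imported, for example to catch a private key about to be placed where a partner's public key belongs. The following is an added example, not CIC code: it assumes an ASCII-armored OpenPGP file, reads the first packet tag rather than trusting the armor label, and its function and usage names are hypothetical.

```python
import base64

# Usage -> kind of key required, following the rule in the text above.
REQUIRED = {
    "encrypt_outbound": "public", "verify_inbound": "public",    # partner's key
    "decrypt_inbound": "private", "sign_outbound": "private",    # your own key
}
TAG_KIND = {5: "private", 6: "public"}  # OpenPGP primary-key packet tags (RFC 4880)

def dearmor(text):
    """Return the binary OpenPGP data inside an ASCII-armored block."""
    lines = [ln.strip() for ln in text.strip().splitlines()]
    if len(lines) < 3 or not lines[0].startswith("-----BEGIN PGP") \
            or not lines[-1].startswith("-----END PGP"):
        raise ValueError("not an ASCII-armored OpenPGP block")
    body = lines[1:-1]
    if "" in body:  # armor headers such as "Version:" end at the first blank line
        body = body[body.index("") + 1:]
    body = [ln for ln in body if ln and not ln.startswith("=")]  # drop CRC24 line
    return base64.b64decode("".join(body), validate=True)

def key_kind(text):
    """Classify a key file as 'public' or 'private' from its first packet tag."""
    data = dearmor(text)
    if not data or not data[0] & 0x80:
        raise ValueError("not an OpenPGP packet")
    # New-format headers carry the tag in bits 5-0, old-format headers in bits 5-2.
    tag = data[0] & 0x3F if data[0] & 0x40 else (data[0] >> 2) & 0x0F
    if tag not in TAG_KIND:
        raise ValueError(f"first packet has tag {tag}, which is not a key")
    return TAG_KIND[tag]

def check_for_usage(text, usage):
    """True if the file holds the kind of key this usage calls for."""
    return key_kind(text) == REQUIRED[usage]

def make_sample(label, first_byte):
    # Constructed sample: one header byte plus a dummy body, not a usable key.
    b64 = base64.b64encode(bytes([first_byte, 4, 0, 0, 0, 0])).decode()
    return (f"-----BEGIN PGP {label} KEY BLOCK-----\n\n{b64}\n"
            f"-----END PGP {label} KEY BLOCK-----\n")

SAMPLE_PUBLIC = make_sample("PUBLIC", 0xC6)    # new-format header, tag 6
SAMPLE_PRIVATE = make_sample("PRIVATE", 0x94)  # old-format header, tag 5

if __name__ == "__main__":
    for name, sample in (("public", SAMPLE_PUBLIC), ("private", SAMPLE_PRIVATE)):
        for usage in REQUIRED:
            print(name, usage, "OK" if check_for_usage(sample, usage) else "WRONG KEY TYPE")
```

This check only identifies the kind of key in the file; it does not validate the key material or replace the Verify Key step in CIC.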
Working with keys
You can use keys for authentication, signing, and encryption. CIC allows you to select a key already in your key store, import a key, export a key, and generate a key. See Generating Keys and Certificates and Endpoint Security: Creating Keys.
Selecting a key
- Select the Select radio button.
- Select a key from the list displayed and click the Select button.
Importing a key
- Select the Import radio button.
- Click Browse, navigate to a key, and select it.
- If you are importing a key to use for signing outbound data or decrypting inbound data, CIC prompts you for a key password.
- Click Verify Key to ensure the key is OK for this usage.
- Click Import.
Exporting a key
- On the Endpoint page displaying an Endpoint that has a key associated with it, click the Export button.
CIC downloads the key to your local machine.
Working with certificates
CIC allows you to select a certificate already in your certificate store, import a certificate, and generate a certificate. See Generating Keys and Certificates and Endpoint Security: Creating Certificates.
Selecting a certificate
- Click the Select radio button.
- Select a certificate from the list displayed and click the Select button.
Importing a certificate
- Select the Import radio button.
- Browse to a certificate, specify a password if necessary, and click Import.
Exporting a certificate
- On the Endpoint page displaying an Endpoint that has a certificate associated with it, click the Export button.
CIC downloads the certificate to your local machine.