MOVEit Automation uses client certificates for FTP/S and MOVEit Transfer authentication, S/MIME signing/encryption and AS1/AS2/AS3 authentication/signing/encryption. This section discusses issues related to obtaining and installing certificates, prior to using them in MOVEit Automation .

An X.509 digital certificate is a document that verifies the identity of the holder of the certificate. Digital certificates are often issued by and vouched for by Certification Authorities (CAs), but may also be "self-signed". Every certificate contains two keys used by public/private key cryptography.

A certificate used for client authentication conceptually consists of three components:

  • The public component of the certificate, which contains the name of the client and the public key.
  • The private component of the certificate, which contains an encrypted version of the private key. Though it is possible to have a certificate without the private component, such a certificate cannot be used as a client certificate.
  • A password, which protects the private key.

To use client certificate with MOVEit Automation , you must:

  • Obtain a certificate from a server administrator, a CA or by generating one yourself.
  • If necessary, convert the certificate into a form understood by Microsoft software (*.p12 or *.pfx).
  • Install the certificate into MOVEit Automation through MOVEit Automation Admin.
  • Configure a MOVEit Automation host to use the certificate when communicating with a particular FTP server, MOVEit Transfer server, AS2 partner, etc.

These steps are covered in more detail in the following topics.