Agent certificates are used:
- To communicate with Agents (from Site Server or Enterprise)
- Between FTK Central and SiteServer
- Between two or more SiteServer instances
Requirements for Certificates Issued by a Certificate Authority (CA)
- Follow the X.509 standard
- Be RFC 5280 compliant
- Use either SHA-1 or SHA-256
- Private Certificates must be signed by a trusted root CA and be provided in the PFX format (upon import into AccessData software, the PFX will be automatically converted to ADP12)
- Public Certificates must include the full chain (root CA and any intermediate CAs) and be in the binary DER encoded P7B format
Requirements for Self-Signed Certificates
- Self-signed Agent certificate pairs must be created with certman
- Private certificates in the PFX format will be converted to a proprietary ADP12 format upon product configuration.
- CRT/CER formatted public certificates can only be used as part of a certificate pair made by certman.