Agent certificates are used:

  • To communicate with Agents (from Site Server or Enterprise).
  • Between FTK Central and Site Server.
  • Between two or more Site Server instances.


Requirements for Certificates Issued by a Certificate Authority (CA)

  • Follow the X.509 standard.
  • Must be RFC 5280 compliant.
  • Private Certificates must be signed by a trusted root CA and be provided in the PFX format (upon import into FTK Enterprise or Site Server software, the PFX will be automatically converted to ADP12).
  • PFX containers must be encrypted using 3DES to be supported by FTK Enterprise or Site Server.
  • Public Certificates must include the full chain (root CA and any intermediate CAs) and be in the encoded P7B format.


Requirements for Self-Signed Certificates

  • Self-signed Agent certificate pairs must be created with certman.


  • Private certificates in the PFX format will be converted to a proprietary ADP12 format upon product configuration.
  • CRT/CER formatted public certificates should only be used as part of a certificate pair made by certman.