Agent certificates are used:

  • To communicate with Agents (from Site Server or Enterprise)
  • Between FTK Central and SiteServer
  • Between two or more SiteServer instances


Requirements for Certificates Issued by a Certificate Authority (CA)

  • Follow the X.509 standard
  • Be RFC 5280 compliant
  • Use either SHA-1 or SHA-256
  • Private Certificates must be signed by a trusted root CA and be provided in the PFX format (upon import into AccessData software, the PFX will be automatically converted to ADP12)
  • Public Certificates must include the full chain (root CA and any intermediate CAs) and be in the binary DER encoded P7B format


Requirements for Self-Signed Certificates

  • Self-signed Agent certificate pairs must be created with certman


  • Private certificates in the PFX format will be converted to a proprietary ADP12 format upon product configuration.
  • CRT/CER formatted public certificates can only be used as part of a certificate pair made by certman.