Agent certificates are used:
- To communicate with Agents (from Site Server or Enterprise).
- Between FTK Central and Site Server.
- Between two or more Site Server instances.
Requirements for Certificates Issued by a Certificate Authority (CA)
- Follow the X.509 standard.
- Must be RFC 5280 compliant.
- Private Certificates must be signed by a trusted root CA and be provided in the PFX format (upon import into FTK Enterprise or Site Server software, the PFX will be automatically converted to ADP12).
- PFX containers must be encrypted using 3DES to be supported by FTK Enterprise or Site Server.
- Public Certificates must include the full chain (root CA and any intermediate CAs) and be in the encoded P7B format.
Requirements for Self-Signed Certificates
- Self-signed Agent certificate pairs must be created with certman.
Notes
- Private certificates in the PFX format will be converted to a proprietary ADP12 format upon product configuration.
- CRT/CER formatted public certificates should only be used as part of a certificate pair made by certman.