Skip to Content

generated certs


Please help me in understand the cert concept. I have 2 outbound interfaces 1. Proxy to AS2(Customer) and 2. Proxy to SFTP(Customer).

In the first case, customer had generated the certificate and we have imported it. and in the second case basis(we) had generated the cert and provided to customer. as both are outbound interfaces and in both the interfaces we are accessing customer systems, so what makes difference in generating the certs, means in what cases we or they have to generate the cert.



Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

2 Answers

  • May 18, 2017 at 06:54 AM

    Hi Vijay,

    The AS2 receiver - we use the client certificate (public key of the client) to encrypt the message (because the message goes via the internet) and additionally we can use our own private key to sign the message. The customer uses our public key to verify the authenticity of the message.

    The SFTP receiver - We generate the public-private key pair. The public key is associated with the SFTP server location/folder so only we can access that location with the private key. This only authentication part. If we need to encrypt the message, then we need to ask the client to provide encryption key which use the PGP module to encrypt the message.

    Hope this help


    Add comment
    10|10000 characters needed characters exceeded

    • Former Member

      To complement Harish's explanation, in the case of AS2, the receiver would use their private key to sign the MDN that they return to the sender to implement non-repudiation of receipt. The sender would then use their public key to validate that signature. Using signed MDNs is optional but quite common.

  • May 18, 2017 at 02:19 PM

    Thank you very much Harish and Patrick for helping me in understading the concept.

    Add comment
    10|10000 characters needed characters exceeded