Importing a Certificate

Importing a certificate involves using the Certificate Management Tool to retrieve a certificate from a certificate chain file (.chn) and then installing that certificate on your system. This certificate can be one that you have generated, or can be one that your trading partner has generated and submitted to you.

Note

At this time, the Certificate Management Tool works only with the Windows NT Certificate Server. Support by other certificate authorities is currently in progress.

If you are building a transmit pipeline and you want to digitally sign the data in the business data object, then you first use the Certificate Management Tool to generate a signature certificate request (see Generating a Certificate Request). Next, you use Microsoft Certificate Server to generate a certificate based on this request (see Generating Certificates with Microsoft Certificate Server). The result of this operation is a certificate chain file (.chn), which you import using the Certificate Management Tool.

After you have imported the certificate, you can configure the DigitalSig component to use this certificate to digitally sign the business data object data.

In addition, you supply a copy of the .chn file for this certificate to your trading partner. After your trading partner has imported the certificate, it can be used in a receive pipeline to configure the VerifyDigitalSig component.

If you want to use a trading partner’s certificate to encrypt a business data object, obtain a certificate chain (.chn) file for an exchange certificate from your trading partner, and import it onto your system. After importing the certificate, you can use it to configure the EncryptPKCS component.

To import a certificate that you have created

1. Click the Start button, point to Programs, point to Microsoft Site Server, point to Commerce, and then click Certificate Management to display the Certificate Management Tool.
2. Click Manage My Certificates.
3. Select the .chn file from which to import the certificate, and then click Open.
4. A message box appears to notify you that the certificate was successfully imported.

Note

A certificate can be imported only once. Subsequent attempts to import the same certificate will fail. If you need to import a certificate again (for example, if you deleted it by accident), you must re-create the certificate (create a new certificate request, generate a new certificate chain file) and then import the new certificate.

To import a trading partner’s certificate

1. Click the Start button, point to Programs, point to Microsoft Site Server, point to Commerce, and then click Certificate Management to display the Certificate Management Tool.
2. Click Manage Trading Partner’s Certificates.
3. Click Import.
4. Specify which certificate to use if the certificate contained in the .chn file is a duplicate of one already installed on your system.
5. Type the path to the certificate chain file (.chn) from which to import the certificate (or click the Browse button and locate the file), and then click OK.
6. Click OK to close the message box that indicates successful completion.

If the certificate you have imported is an exchange certificate, you can use it to configure the EncryptPKCS component.