Adding a trading partner digital certificate

You can add a digital certificate to electronically validate your trading partner's identity. Use Digital Certificates to add a trading partner's digital certificate.

Before you begin

You can import a trading partner digital certificate as a resource from another installation of B2B Advanced Communications. For more information about importing certificates as a resource with commands, see ../com.ibm.help.meg.reference.doc/meg_resource_commands.html.

About this task

After you receive an identifying digital certificate from your trading partner, you must add it to the system for that specific partner. The trading partner certificate verifies the signature of an incoming message from that partner. The incoming message can be either a request or a response message, depending on the direction. You can select the certificate to use for partner authentication in the exchange profile.

Procedure

To add a trading partner digital certificate:

  1. Log in to B2B Advanced Communications as a Master Account Administrator or a user with the permissions to create digital certificates.
  2. Click Security > Digital Certificates.
  3. Select Trading Partner Public Certificate.
  4. On the Create a Trading Partner Public Certificates page, specify values for the applicable fields as follows:
    Associated Organization

    Click Select and select the partner organization with which the certificate is associated.

    Certificate File

    Click Upload to browse and select the certificate file.

    Restriction: The certificate file must be a valid PKCS12-formatted keystore for public-private key pairs (.P12 or .PFX file extensions) or DER-encoded for public certificates (.DER file extension). Only one copy of a digital certificate can be in the system, regardless of the certificate alias with which it is associated. Additionally, certificates cannot be used by more than one trading partner.
    Certificate alias

    Select whether to use an existing certificate alias or create a new certificate alias. All certificates must have an alias to enable the system to recognize the certificate name. The certificate alias enables an expired or soon-to-expire certificate to remain in production during the process of moving to a new certificate.

    If you choose to Use an existing certificate alias, select the certificate alias from the list. When you add a certificate and use an existing certificate alias, the new certificate is added to the list of certificates that are already associated with that alias. If you choose to Create new certificate alias, enter the new alias that refers to the certificate.

    Restriction: A certificate alias can be associated with a maximum of two certificates. If a certificate alias already has two certificates that are associated with it, the alias is not displayed in the list of available aliases. Additionally, if the organization is using only certificate aliases that are already associated with two certificates, the Use an existing certificate alias option is not available.
    Certification Usage

    You must select at least one usage:

    HTTPS client authentication

    Enables certificate usage for HTTPS client authentication. You can then specify that this certificate is used to authenticate this partner in the conformance policy.

    Signing / Signature verification

    Enables certificate usage for signing outbound messages and signature verification. You can then specify that this certificate is used to sign the outbound exchange data in the conformance policy.

    Encryption / Decryption

    Enables certificate usage for encryption and decryption. You can then specify that this certificate is used to encrypt and decrypt message data in the Synchronous response section of the exchange profile.

    Effective from date

    Specify the date and time from which the certificate is effective for use within B2B Advanced Communications. The certificate can be used within B2B Advanced Communications after this date.

    Effective to date

    Specify the date and time until which the certificate is effective for use within B2B Advanced Communications. The certificate cannot be used within B2B Advanced Communications after this date.

  5. Click Save to save the digital certificate and return to the Trading Partner Certificates collection page.
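
A pre-upload check for the Certificate File and Certificate alias restrictions in step 4, shown as an added example that is not part of B2B Advanced Communications or its documentation. It covers only the DER public-certificate path; the `inventory` record, the alias names and the sample bytes are assumptions constructed for illustration.

```python
import base64
import hashlib

MAX_CERTS_PER_ALIAS = 2  # restriction stated in step 4 of this page

def der_envelope_ok(data: bytes) -> bool:
    """True if data is exactly one ASN.1 SEQUENCE, the outer shape of an X.509 certificate."""
    if len(data) < 2 or data[0] != 0x30:
        return False
    first = data[1]
    if first < 0x80:                      # short-form length
        header, length = 2, first
    else:                                 # long form: low 7 bits give the number of length bytes
        n = first & 0x7F
        if n == 0 or n > 4 or len(data) < 2 + n:
            return False
        header, length = 2 + n, int.from_bytes(data[2:2 + n], "big")
    return header + length == len(data)   # no truncation, no trailing bytes

def preflight(filename, data, alias, inventory):
    """inventory: alias -> set of SHA-256 fingerprints already uploaded
    (a hypothetical local record, not a product API)."""
    problems = []
    if not filename.lower().endswith(".der"):
        problems.append("extension is not .der")
    if data.lstrip().startswith(b"-----BEGIN"):
        problems.append("file is PEM text; convert to DER before upload")
    elif not der_envelope_ok(data):
        problems.append("not a single well-formed DER SEQUENCE")
    fingerprint = hashlib.sha256(data).hexdigest()  # over the bytes as they would be uploaded
    if any(fingerprint in fps for fps in inventory.values()):
        problems.append("certificate already present in the system")
    if len(inventory.get(alias, ())) >= MAX_CERTS_PER_ALIAS:
        problems.append("alias already holds two certificates")
    return fingerprint, problems

# Constructed sample: a DER SEQUENCE envelope with filler bytes, not a real certificate.
SAMPLE_DER = b"\x30\x82\x01\x00" + bytes(256)
SAMPLE_PEM = (b"-----BEGIN CERTIFICATE-----\n" + base64.encodebytes(SAMPLE_DER)
              + b"-----END CERTIFICATE-----\n")

if __name__ == "__main__":
    inventory = {"partnerA-signing": {"aa" * 32, "bb" * 32}}  # constructed fingerprints
    for blob, alias in [(SAMPLE_DER, "partnerA-new"), (SAMPLE_PEM, "partnerA-new"),
                        (SAMPLE_DER, "partnerA-signing")]:
        print(alias, preflight("partner.der", blob, alias, inventory))
```

Compare the printed SHA-256 fingerprint with the value your trading partner gives you over a separate channel before you click Save.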