Secure Sockets Layer (SSL) and Transport Layer Security (TLS) use X.509 certificates to allow SSL-enabled servers and clients to authenticate each other and protect the communication between them.The following features in GoAnywhere MFT™ use SSL/TLS:
- Administration Server
- AS2 Client
- AS2 Server
- Database Client
- FTPES Client (Explicit SSL)
- FTPES Server (Explicit SSL)
- FTPS Client (Implicit SSL)
- FTPS Server (Implicit SSL)
- HTTPS Client
- HTTPS Server
- Email Client
GoAnywhere MFT includes an integrated SSL Certificate Manager for working with X.509 certificates. Within the Certificate Manager, you can create new key stores and certificates, import and export certificates, display certificate properties, and generate CSRs (Certificate Signing Requests).
A certificate will contain information about the entity (organization) which the certificate represents, including the following details:
- The name of the entity which signed/issued the certificate, otherwise known as the Issuer.
- The expiration date of the certificate.
- The Public Key of the entity which the certificate represents.
- The digital signature of the Issuer. This signature is created using the Issuer’s Private Key and ensures the validity of the certificate.
Issuing CertificatesYour trading partner may require that you send them your certificate before allowing you to connect to their SSL-enabled server. Depending on your trading partner’s authentication requirements, there are three different approaches in which a certificate can be signed and issued:
- You can issue your own certificate, which is known as a self-signed certificate and is the lowest level of trust.
- Your trading partner can issue your certificate.
- A Certificate Authority (CA) can issue your certificate, which is the highest level of trust.