Difference between revisions of "Seon Core - Updating OFTP2 certificate"
From Seon
| Line 15: | Line 15: | ||
Basis for all secure operations are the trust of certificates. Seon manages trust globally via the "trusted certificates", which are maintained in several ways: | Basis for all secure operations are the trust of certificates. Seon manages trust globally via the "trusted certificates", which are maintained in several ways: | ||
*[[Seon_Core_configuration#TSL_URL|Automatically via TSL]] (a signed XML information hosted at Odette, containing a list of all trusted certificate authorities). Every OFTP2 system which is certified by Odette must be able to interpret this TSL, too. | *[[Seon_Core_configuration#TSL_URL|Automatically via TSL]] (a signed XML information hosted at Odette, containing a list of all trusted certificate authorities). Every OFTP2 system which is certified by Odette must be able to interpret this TSL, too. | ||
| − | * | + | *Manually via uploaded certificates in the "trusted certificates". |
Revision as of 07:53, 26 November 2013
Abstract
Sometimes it's necessary to update partner's or your certificate information due to several reasons:
- Expiration of certificate
- New certificate due to changed information
- Change of the used CA
- other reasons
In every case, you may change settings depending on some configuration situations. These are explained within this article.
Identify what to update
There are two major parts involved in certificates:
- TLS: Transport Layer Security. Offering a secure, encrypted TCP/IP connection, this mechanism is involved in server (and optionally: client) certificates, CRLs and trusted certificate information.
- OFTP2 security options: Using any of the OFTP2 options for secure authentification, file encryption, file signing or signed EERPs, you need to handle certificates per partner. Information like CRLs and trusted certificate are the basis for all operatione.
Basis for all secure operations are the trust of certificates. Seon manages trust globally via the "trusted certificates", which are maintained in several ways:
- Automatically via TSL (a signed XML information hosted at Odette, containing a list of all trusted certificate authorities). Every OFTP2 system which is certified by Odette must be able to interpret this TSL, too.
- Manually via uploaded certificates in the "trusted certificates".
