Supported Certificates

The following certificate types are supported:

If a PFX file is selected, the private key, corresponding certificate and (optionally) CA certificate(s) will be imported to the token. You will be asked to enter the password (if it exists) protecting the PFX file.

In the case of a CER file (which contains only X.509 certificates), the program checks if a private key exists on the token. If the private key is found on the token, the certificate is stored with it. If no private key is found, then you are asked if you want to store the certificate as a CA certificate. If you indicate yes, the certificate is stored.

When downloading a certificate to the computer and then importing the certificate to the token, the certificate should be removed from the local store and the token reinserted before using the certificate to sign and encrypt mail. This ensures you are using the certificate and keys stored on the token.