You can import certificates and their private keys in the SSL Server Certificates window.
- Certificate and private key format:
- In non-BCFIPS mode, we support PKCS12 and PEM formatted certificates and private keys, and automatically detect the format between PKCS12 and PEM.
- In BCFIPS mode, we only support PEM formatted certificate and private keys. Only PBES2 and AES or Triple DES encryption is accepted and 128-bit salt is required. In practice, this may mean that only PEM files generated by PingFederate can be imported.
- For PEM, the private key must precede the certificates.
- Password requirement:
- In BCFIPS mode, the password must contain at least 14 characters.