Exchanging a Partner Certificate
If certificates are to be used, please exchange only the public part with the respective partner. Please NEVER hand out the private part, and keep in mind that certificates are usually valid for a limited period of time. Once the validity period has expired, the certificate becomes invalid and communication is no longer possible.
A local certificate that has been exported from Lobster_data for one of your partners is a zipped .CER file and contains only the public key.
If a partner sends you a certificate (containing only the partner's public key), Lobster_data supports the following X.509 certificate formats:
.CER - CER-encoded certificate or certificate sequence.
.CRT - DER-encoded or Base64-encoded certificate.
.DER - DER-encoded certificate.
.PEM - Base64-encoded certificate.
The formats .P12 and .PFX (PKCS#12) can be imported as a local certificate if they are error-free and contain the private key. Attention: If the password is not correct, the (misleading) error message will show that no certificate is included.
The format .P7B (PKCS#7) can be imported as a partner certificate if it is error-free. Attention: If the password is not correct, the (misleading) error message will show that no certificate is included.
Only exception: If you create a CSR (Certificate Signing Request) from your own certificate and have it signed by the certification authority (CA), you may get the certificate response back as .P7B or .P7C, which cannot be added as a certificate response to the current certificate. In that case, you can open the .P7B file on Windows with the crypto shell extension and save all components of the certificate chain (typically 3 - own, intermediate, and CA root) as Base64-encoded .PEM or .CER files. Then copy the contents of all three files in reverse order (CA root last) into a single .CER file. This file can then be added, as usual, as a Certificate Response to the existing certificate from which the CSR was created.
Notes on PEM Format
The PEM format is a Base64 string between
-----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----.
If the PEM file contains a section beginning with -----BEGIN RSA PRIVATE KEY----- and ending with -----END RSA PRIVATE KEY-----, this is the private key, which must NEVER be passed on.
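A pre-send check for the rule above, as an added example (not part of Lobster_data or its documentation): it lists the PEM blocks in a file and flags any private key section before the file goes to a partner. It goes beyond the RSA PRIVATE KEY marker named above by flagging every label containing PRIVATE KEY (for example PRIVATE KEY, ENCRYPTED PRIVATE KEY, EC PRIVATE KEY); the function names and the sample data are assumptions constructed for this example.

```python
import base64
import re

# Matches one PEM block; the label in END must equal the label in BEGIN.
PEM_BLOCK = re.compile(
    r"-----BEGIN ([A-Z0-9 ]+)-----\s*(.*?)\s*-----END \1-----", re.DOTALL
)


def inspect_pem(text):
    """Return (labels, problems) for a PEM file about to be sent to a partner."""
    labels, problems = [], []
    for match in PEM_BLOCK.finditer(text):
        label, body = match.group(1), match.group(2)
        labels.append(label)
        if "PRIVATE KEY" in label:
            problems.append(f"{label} block present: do not share this file")
            continue
        try:
            der = base64.b64decode("".join(body.split()), validate=True)
        except ValueError:
            problems.append(f"{label} block is not valid Base64")
            continue
        # A DER-encoded X.509 certificate starts with an ASN.1 SEQUENCE (0x30).
        if label == "CERTIFICATE" and not der.startswith(b"\x30"):
            problems.append("CERTIFICATE block does not contain DER data")
    if "CERTIFICATE" not in labels:
        problems.append("no CERTIFICATE block found")
    return labels, problems


def _fake_block(label, payload):
    """Build a constructed PEM block (placeholder bytes, not a real cert or key)."""
    b64 = base64.b64encode(payload).decode("ascii")
    lines = [b64[i:i + 64] for i in range(0, len(b64), 64)]
    return "\n".join([f"-----BEGIN {label}-----", *lines, f"-----END {label}-----"])


# Constructed sample data: a SEQUENCE header followed by filler bytes.
PUBLIC_ONLY = _fake_block("CERTIFICATE", b"\x30\x82\x01\x00" + bytes(96))
WITH_KEY = PUBLIC_ONLY + "\n" + _fake_block(
    "RSA PRIVATE KEY", b"\x30\x82\x01\x00" + bytes(96)
)

if __name__ == "__main__":
    for name, sample in (("public_only.pem", PUBLIC_ONLY), ("with_key.pem", WITH_KEY)):
        labels, problems = inspect_pem(sample)
        print(name, labels, problems or "OK to share")
```

The check only inspects PEM text; binary .DER files and .P12/.PFX containers need a different inspection.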