MSDN Library
EN
Deze inhoud is niet beschikbaar in uw taal, maar wel in het Engels.

APPENDIX: BizTalk Services Certificates Overview

 

Updated: November 27, 2015

In BizTalk Services, certificates are used in several areas:

  • Create a BizTalk Service using Azure management portal: A public certificate (.cer) is automatically created. You can download the certificate and install it on your test/development environment. In production, use a signed certificate; which can be uploaded it to your BizTalk Service in the Azure Management Portal.

  • Manage Partners and Profiles in Azure BizTalk Services: Can be a private certificate (.pfx) or a public certificate (.cer).

  • Certificates: Lists all the private (.pfx) and public (.cer) certificates added for agreements between partners.

  • AS2 Receive Settings (Create an AS2 Agreement in Azure BizTalk Services): A certificate is used for message signing and encryption. If the message is signed, a public certificate (.cer) is needed. If the message is encrypted, a private certificate (.pfx) and its password are needed.

  • AS2 Send Settings (Create an AS2 Agreement in Azure BizTalk Services): A certificate is used for message signing and encryption. If the message is signed, a private certificate (.pfx) and its password are needed. If the message is encrypted, a public certificate (.cer) is needed.

When you create a BizTalk Service in the Azure Management Portal, a public certificate is automatically created that is self-signed and should only be used in test/development environments. You can use this certificate to secure the BizTalk Adapter Service (BAS) runtime website. See Runtime Components: BizTalk Adapter Service for details on the website.

This section lists the steps to install the certificate into the Trusted Root Certification Authorities store on your computer:

  1. In the Azure Management Portal, select your BizTalk Service, and select the Dashboard tab. In quick glance, download the SSL certificate.

  2. Copy the certificate to your test/development machine with the Microsoft Azure BizTalk Services SDK installed. This is a public certificate (.cer).

  3. On your test/development machine, double-click the .cer file. Select Install Certificate.

  4. Select Place all certificates in the following store, select Browse, and select Trusted Root Certification Authorities.

  5. Complete the installation. You’ll get a Security Warning; which is normal. Select Yes.

A certificate may also have a .p7b extension. In this scenario, import the .p7b certificate, and then export it to a .pfx or .cer format using the following steps.

To import a .p7b certificate

  1. Open the Microsoft Management Console (MMC.exe): In the Run window, type mmc.exe.

  2. In the MMC, go to the File menu, and select Add/Remove Snap-in.

  3. In Available snap-ins, select Certificates, and select Add. Select My user account, Service account or Computer account. Choose any option. We are importing the .p7b certificate only so we can export it.

    Select OK.

  4. Expand Certificates and choose any folder. For example, select Personal. We are importing the .p7b certificate only so we can export it in a .cer or .pfx format.

  5. Right-click the folder, select All Tasks, and select Import. The Certificate Import Wizard opens:

    • Select Next.

    • Browse to the .p7b certificate file. In the Open window, select All Files from the filter drop-down, and then select the .p7b certificate.

      Select Next.

    • Select the Certificate store to put the .p7b certificate. For example, select Personal.

    • Select Finish.

    Expand the Certificate store folder. The imported .p7b certificate is now displayed in the Certificates folder.

Once imported, the .p7b certificate can now be exported to a .cer or .pfx format.

To export a .p7b certificate as .cer or .pfx

  1. Right-click the imported .p7b certificate, select All Tasks, and select Export. The Certificate Import Wizard opens:

  2. The exported certificate resides in the folder you entered.

When a certificate is exported in the MMC, the original certificate remains in the certificate store.

Weergeven:
© 2016 Microsoft