The SMP must sign the responses to queries for the capability meta-data of a Participant so the requestor can validate the received answer is from a trustworthy server. Therefore a key pair must be configured before the server can be used. When the SMP server is used in the Peppol network the certificate must also be configured to register the SMP in the Peppol SML.
To install the server’s key pair, login to the administration UI as an administrator and click on Settings in the top level menu bar. Go to the SMP Certificate tab to upload the new key pair.
If there already is a key pair installed the page will show the certificate details.
Click anywhere in the Key pair file field to open a file selection dialog. Then select the file containing the SMP key pair. The file should be in PKCS#12 (common extensions are p12 and pfx) or a Java keystore format (extensions jks and jceks) and contain only the key pair to be used. Provide the password that is used to secure the key pair in the password field and click on Upload key pair to send the file to the server. When the key pair could be read from the file the certificate details are shown.
When the uploaded key pair is correct and should be used by the server for signing new responses click on Use uploaded key pair. The key pair will be set as the current one and the page will show the certificate details.
WARNING: When the SMP server is used in the Peppol network and the server is registered in the SML ensure that the new key pair is for the same environment as the one currently in use, otherwise you won’t be able to manage your SML registration correctly!