So here are my notes from this process. They may not be complete and I haven’t had to do this process again and some of my steps might be incorrect. I had a hard time finding a clear process that wasn’t written by someone who knows this process well.
My particular requirement was to send files to Wells Fargo.
====
ACM requires a pfx file because a pfx file contains the public key, the private key and the certificate all in one file. The pfx file allows you to generate and install a certificate on a server and then move the certificate to another server.
In this process I used the two processes on the client’s sandbox to generate a new Certificate Request and get it installed into IIS so that it could be exported to the pfx file (and then imported into their Acumatica).
Client allowed us delegate access to their GoDaddy account. This allowed me to be able to follow the certificate request process all the way to installation. To do that I created a GoDaddy account using my email address and then client invited me from his account.
I connected to the sandbox and started IIS and followed these steps to generate a certificate request. At the point where you are completing the request you need to stop there and use the second link which describes how to turn the .crt file to a .cer file. The .cer file is required for to complete the request.
Note, for the first link, I only went to Step 4 of Install the SSL on IIS Website since we aren’t using on that site as a true ‘windows certificate’.
https://www.globo.tech/learning-center/install-ssl-certificate-on-windows-server-2019-and-iis/
https://support.godaddy.com/help/manually-install-an-ssl-certificate-on-my-iis-10-server-27349
Once it is installed in IIS you right click on the certificate and select Export... You will be asked for a password. This password will be used within Acumatica. Note that the password cannot be longer than 50 characters long.
@Django Thank you for the detailed reply! Im out of my depth but I don’t understand why Acumatica requires a cert to transfer files via SFTP. All it should need is the SSH key.
We were not able to configure SFTP using a key in Acumatica, and Amazon S3 requires a key for auth, so we developed a workaround using a different server that only requires a passcode.