If the certificate was requested and generated via the desktop platform, you should transfer it to your iPhone/iPad or Android device if you want to be able to enter your account via that device.
The certificate is transferred securely via a trading server:
- First, the certificate is encrypted in the desktop platform: an account owner sets the password to encrypt the certificate using a reliable AES-256 algorithm. The password is not sent to the server ensuring that only the user knows it.
- Next, the encrypted certificate is sent to the trade server where it is stored before receipt via a mobile platform (but no more than an hour).
- In order to receive the certificate, the user should connect to the account via the mobile platform, After connecting, the user will be offered to import the certificate. To do this, they should enter the password that was used to encrypt the certificate in the desktop platform.
The certificate transfer is secure: the trading server is used solely as an intermediate storage, while encryption is performed at the user's side. The certificate password is not transferred or stored on the trade server.
How to transfer the certificate
Connect to the account via the desktop platform and select "Transfer SSL certificate to mobile device" in its context menu:
Specify the master password of the account to confirm that it belongs to you. Next, set the password to be used to protect the certificate before sending it to the server or use an automatically generated random password. The password should consist of at least 8 digits.
After successfully sending the certificate to the server, open the mobile platform and connect to the account. You will be immediately offered to import the certificate. Agree and enter the password you have set during the transfer.
You can view the certificate in About – Certificates.
Alternative transfer option
You can transfer the certificate manually:
- iPhone/iPad — via iTunes
- Android — copying to a device
To view a certificate used for the account in the extended authentication mode click on "Certificate" on the Server tab.
The following certificate details are displayed here:
- Issued to — the account number and certificate holder name.
- Issued by — the name of the company that issued the certificate.
- Valid from — certificate validity period.
The public part of the certificate (without the private key) can be exported to a file.
Do not submit your certificate pfx file containing the private key to anyone. This file is generated during the first connection in the extended authentication mode and is stored in /platform_folder/config/certificates.
To export the public part of your certificate, move to the Details tab and click "Copy to File":
Follow the instructions of Certificate Export Wizard. Select the file format for export after the greeting message:
Specify a file name and complete the export process.
Extended Authentication Restrictions
The extended authentication option cannot be used in the web platform and in the Signals service. If extended authentication is used on an account, you cannot connect to this account via the web platform or register it to provide trading signals. However, copying of signals to an account with extended authentication is possible.