The following certificate types are supported:
If a PFX file is selected, the private key, corresponding certificate and (optionally) CA certificate(s) will be imported to the eToken. You will be asked to enter the password (if it exists) protecting the PFX file.
In the case of a CER file (which contains only X.509 certificates), the program checks if a private key exists on the eToken. If the private key is found on the eToken, the certificate is stored with it. If no private key is found, then you are asked if you want to store the certificate as a CA certificate. If you indicate yes, the certificate is stored.
When downloading a certificate to the computer and then importing the certificate to the eToken, the certificate should be removed from the local store and the eToken reinserted before using the certificate to sign and encrypt mail. This ensures you are using the certificate and keys stored on the eToken.