103 lines
6.6 KiB
HTML
103 lines
6.6 KiB
HTML
|
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
|
||
|
<html>
|
||
|
<head>
|
||
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
|
||
|
<meta name="Copyright" content="Copyright (c) 2006 by IBM Corporation">
|
||
|
<title>Digital Certificate Management APIs</title>
|
||
|
<!-- All rights reserved. Licensed Materials Property of IBM -->
|
||
|
<!-- US Government Users Restricted Rights -->
|
||
|
<!-- Use, duplication or disclosure restricted by -->
|
||
|
<!-- GSA ADP Schedule Contract with IBM Corp. -->
|
||
|
<!-- Begin Header Records ========================================= -->
|
||
|
<!-- Sec SCRIPT A converted by B2H R4.1 (346) (CMS) by V2KEA304 -->
|
||
|
<!-- at RCHVMW2 on 17 Feb 1999 at 11:05:09 -->
|
||
|
<!-- 030509 JETAYLOR replaced API and Exit listings with -->
|
||
|
<!-- pagegenerator output from javascript array -->
|
||
|
<!-- 031111 JETAYLOR replaced API and/or Exit listings with -->
|
||
|
<!-- pagegenerator output from javascript array -->
|
||
|
<!-- End Header Records -->
|
||
|
<link rel="stylesheet" type="text/css" href="../rzahg/ic.css">
|
||
|
</head>
|
||
|
<body>
|
||
|
<a name="Top_Of_Page"></a>
|
||
|
<!-- Java sync-link -->
|
||
|
<script type="text/javascript" language="Javascript" src="../rzahg/synch.js">
|
||
|
</script>
|
||
|
|
||
|
<h2>Digital Certificate Management APIs</h2>
|
||
|
|
||
|
<p>The digital certificate management APIs enable X.509 type certificates to be
|
||
|
associated with a user profile.The APIs add, remove, list, and find certificates that are associated with
|
||
|
user profiles.</p>
|
||
|
|
||
|
<p>This section also includes APIs for registering applications that use
|
||
|
certificates. Applications that need to use certificates will make themselves
|
||
|
known by registering themselves. As part of that registration, applications
|
||
|
will identify an exit program that is to be called:</p>
|
||
|
|
||
|
<ul>
|
||
|
<li>whenever a certificate is assigned to the application or if the certificate
|
||
|
assignment changes.</li>
|
||
|
|
||
|
<li>whenever a Certificate Authority (CA) is added to or removed from the trust
|
||
|
list for the application.</li>
|
||
|
|
||
|
<li>whenever the information about the application is being changed.</li>
|
||
|
|
||
|
<li>whenever the application is being deregistered.</li>
|
||
|
</ul>
|
||
|
|
||
|
<p>The application is, therefore, not responsible for providing a user interface
|
||
|
for certificate management. When the application starts, it can retrieve the
|
||
|
name and location of the certificate assigned to the application and use it for
|
||
|
initiating a Secure Sockets Layer (SSL) session or some other operation that
|
||
|
requires a certificate. </p>
|
||
|
|
||
|
<p>The digital certificate management APIs are:</p>
|
||
|
<!-- ***** NOTE ***** Do not manually update text or links in this section. -->
|
||
|
<!-- Updates made in this section *will* be overlaid by automated tools -->
|
||
|
<!-- Notify User Technologies of needed updates to be made in XML for API finder.-->
|
||
|
<!--***************API BEGIN PASTE***************-->
|
||
|
<ul>
|
||
|
<li><A HREF="QSYADDUC.htm">Add User Certificate</A> (QSYADDUC, QsyAddUserCertificate) associates a certificate with an i5/OS user profile.</li>
|
||
|
<li><A HREF="qsyaddvc.htm">Add Validation List Certificate</A> (QSYADDVC,QsyAddVldlCertificate) adds a certificate to a validation list.</li>
|
||
|
<li><A HREF="QSYCHKVC.htm">Check Validation List Certificate</A> (QSYCHKVC, QsyCheckVldlCertificate) determines whether a certificate is in a validation list.</li>
|
||
|
<li><A HREF="QSYDRGAP.htm">Deregister Application for Certificate Use</A> (QSYDRGAP, QsyDeregisterAppForCertUse) removes an application and all associated certificate information from the registration facility.</li>
|
||
|
<li><A HREF="qykmexpk.htm">Export Certificate Store</A> (QYKMEXPK, QykmExportKeyStore)) exports a certificate store to a PKCS 12 version 3 standard file.</li>
|
||
|
<li><A HREF="QSYFNDCU.htm">Find Certificate User</A> (QSYFNDCU, QsyFindCertificateUser) finds the user that is associated with a certificate.</li>
|
||
|
<li><A HREF="qycugsuc.htm">Generate and Sign User Certificate Request</A> (QYCUGSUC) generates a user certificate request and then signs the certificate request using the local Certificate Authority (CA).</li>
|
||
|
<li><img src="delta.gif" alt="Start of change" border="0"><A HREF="qykmgdki.htm">Get Default Key Item</A> (QYKMGDKI, QykmGetDefaultKeyItem) Allows you to retrieve the label of the default certificate in a certificate store. <img src="deltaend.gif" ALT="End of change" border="0"></li>
|
||
|
<li><A HREF="qykmimpk.htm">Import Certificate Store</A> (QYKMIMPK, QykmImportKeyStore)) imports a certificate store from a PKCS 12 version 3 standard file.</li>
|
||
|
<li><A HREF="qsylstuc.htm">List User Certificates</A> (QSYLSTUC, QsyListUserCertificates) lists the certificates in the user profile.</li>
|
||
|
<li><A HREF="qsylstvc.htm">List Validation List Certificates</A> (QSYLSTVC, QsyListVldlCertificates) lists the certificates in the validation list.</li>
|
||
|
<li><A HREF="qsyoluc.htm">Open List of User Certificates</A> (QSYOLUC) provides a list of user certificates associated with a user.</li>
|
||
|
<li><A HREF="QSYPARSC.htm">Parse Certificate</A> (QSYPARSC, QsyParseCertificate) parses a certificate and puts the results in the caller's storage.</li>
|
||
|
<li><A HREF="qsyrgap.htm">Register Application for Certificate Use</A> (QSYRGAP, QsyRegisterAppForCertUse) registers an application with the registration facility.</li>
|
||
|
<li><A HREF="QSYRMVUC.htm">Remove User Certificate</A> (QSYRMVUC, QsyRemoveUserCertificate) removes a certificate from an i5/OS user profile.</li>
|
||
|
<li><A HREF="QSYRMVVC.htm">Remove Validation List Certificate</A> (QSYRMVVC, QsyRemoveVldlCertificate) removes a certificate from a validation list.</li>
|
||
|
<li><A HREF="qsyretrievedigitalidconfig.htm">Retrieve Digital ID Configuration Information</A> (QsyRetrieveDigitalIDConfig()) retrieves digital ID configuration information.</li>
|
||
|
<li><A HREF="qsysetdigitalidconfig.htm">Set Digital ID Configuration Information</A> (QsySetDigitalIDConfig()) sets digital ID configuration information.</li>
|
||
|
<li><A HREF="qycusuc.htm">Sign User Certificate Request</A> (QYCUSUC) signs a user certificate request using the local Certificate Authority (CA).</li>
|
||
|
</ul>
|
||
|
<!--***************API END PASTE***************-->
|
||
|
|
||
|
<br>
|
||
|
|
||
|
<p><strong>Note:</strong> All of these APIs, except Register and Deregister Application for Certificate Use,
|
||
|
require that Digital Certificate Manager (DCM), option 34 of i5/OS<SUP>(TM)</SUP> (5722-SS1) be installed.</p>
|
||
|
|
||
|
|
||
|
<hr>
|
||
|
<center>
|
||
|
<table cellpadding="2" cellspacing="2">
|
||
|
<tr align="center">
|
||
|
<td valign="middle" align="center">
|
||
|
<a href="#Top_Of_Page">Top</a> |
|
||
|
<a href="sec.htm">Security APIs</a> |
|
||
|
<a href="aplist.htm">APIs by category</a></td>
|
||
|
</tr>
|
||
|
</table>
|
||
|
</center>
|
||
|
</body>
|
||
|
</html>
|