ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzahu_5.4.0.1/rzahustep7haveeachuserrequestacertificatefromthelocalca.htm

75 lines
5.1 KiB
HTML
Raw Permalink Normal View History

2024-04-02 14:02:31 +00:00
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow" />
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<meta name="DC.Type" content="task" />
<meta name="DC.Title" content="Have each user request a certificate from the Local CA" />
<meta name="DC.Relation" scheme="URI" content="rzahudcmpublicaccessscen.htm" />
<meta name="DC.Relation" scheme="URI" content="rzahustep6haveusersinstallacopyofthelocalcacertificateintheirbrowser.htm" />
<meta name="copyright" content="(C) Copyright IBM Corporation 2000, 2006" />
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2000, 2006" />
<meta name="DC.Format" content="XHTML" />
<meta name="DC.Identifier" content="rzahustep7haveeachuserrequestacertificatefromthelocalca" />
<meta name="DC.Language" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
<link rel="stylesheet" type="text/css" href="./ic.css" />
<title>Have each user request a certificate from the Local CA</title>
</head>
<body id="rzahustep7haveeachuserrequestacertificatefromthelocalca"><a name="rzahustep7haveeachuserrequestacertificatefromthelocalca"><!-- --></a>
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
<h1 class="topictitle1">Have each user request a certificate from the Local CA</h1>
<div><div class="section"><p>In earlier steps, you configured the human resources Web server
to require certificates for user authentication. Now users must present a
valid certificate from the Local CA before they are allowed to access the
Web server. Each user must use Digital Certificate Manager (DCM) to obtain
a certificate by using the <span class="uicontrol">Create Certificate</span> task.
In order to obtain a certificate from the Local CA, the Local CA policy must
allow the CA to issue user certificates. </p>
<p>Each user (Clients B, C, and
D) must complete these steps to obtain a certificate: </p>
</div>
<ol><li class="stepexpand"><span><a href="rzahurzahu66adcmstart.htm#rzahu66a-dcm_start">Start
DCM</a>.</span></li>
<li class="stepexpand"><span>In the navigation frame, select <span class="uicontrol">Create Certificate</span>. </span></li>
<li class="stepexpand"><span>Select <span class="uicontrol">User certificate</span> as the type of certificate
to create. A form displays so that you can provide identifying information
for the certificate.</span></li>
<li class="stepexpand"><span>Complete the form and click <span class="uicontrol">Continue</span>. </span> <div class="note"><span class="notetitle">Note:</span> If you have questions about how to complete a specific form in
this guided task, select the question mark (<span class="uicontrol">?</span>) at the
top of the page to access the online help. </div>
</li>
<li class="stepexpand"><span>At this point, DCM works with your browser to create the private
and public key for the certificate. </span> Your browser may display windows
to guide you through this process. Follow the browser's instructions for these
tasks. After the browser generates the keys, a confirmation page displays
to indicate that DCM created the certificate.</li>
<li class="stepexpand"><span>Install the new certificate in your browser software. Your browser
may display windows to guide you through this process. </span> Follow
the instructions that the browser gives to complete this task.</li>
<li class="stepexpand"><span>Click <span class="uicontrol">OK</span> to finish the task.</span></li>
</ol>
<div class="section"><p>During processing, the Digital Certificate Manager automatically
associates the certificate with your <span class="keyword">iSeries™</span> user
profile.</p>
<p>With these tasks complete, only authorized users with a valid
certificate can access data from the human resources Web server and that data
is protected during transmission by SSL.</p>
</div>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzahudcmpublicaccessscen.htm" title="In this scenario, you to learn how to use certificates as an authentication mechanism to protect and restrict which resources and applications that internal users can access on your internal servers.">Scenario: Use certificates for internal authentication</a></div>
<div class="previouslink"><strong>Previous topic:</strong> <a href="rzahustep6haveusersinstallacopyofthelocalcacertificateintheirbrowser.htm">Have users install a copy of the Local CA certificate in their browser</a></div>
</div>
</div>
</body>
</html>