ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzahu_5.4.0.1/rzahuverifyingsignatures.htm

125 lines
9.2 KiB
HTML
Raw Permalink Normal View History

2024-04-02 14:02:31 +00:00
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow" />
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<meta name="DC.Type" content="task" />
<meta name="DC.Title" content="Verify object signatures" />
<meta name="abstract" content="You can use Digital Certificate Manager (DCM) to verify the authenticity of digital signatures on objects. When you verify the signature, you ensure that the data in the object has not been changed since the object owner signed the object." />
<meta name="description" content="You can use Digital Certificate Manager (DCM) to verify the authenticity of digital signatures on objects. When you verify the signature, you ensure that the data in the object has not been changed since the object owner signed the object." />
<meta name="DC.Relation" scheme="URI" content="rzahurzahumanagedcm.htm" />
<meta name="DC.Relation" scheme="URI" content="rzahurzahusignsigningobjects.htm" />
<meta name="DC.Relation" scheme="URI" content="rzahurzahu43cpubcertsverify.htm" />
<meta name="copyright" content="(C) Copyright IBM Corporation 2000, 2006" />
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2000, 2006" />
<meta name="DC.Format" content="XHTML" />
<meta name="DC.Identifier" content="verifying_signatures" />
<meta name="DC.Language" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
<link rel="stylesheet" type="text/css" href="./ic.css" />
<title>Verify object signatures</title>
</head>
<body id="verifying_signatures"><a name="verifying_signatures"><!-- --></a>
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
<h1 class="topictitle1">Verify object signatures</h1>
<div><p>You can use Digital Certificate Manager (DCM) to verify the authenticity
of digital signatures on objects. When you verify the signature, you ensure
that the data in the object has not been changed since the object owner signed
the object.</p>
<div class="section"> <p><span class="uicontrol">Signature verification prerequisites</span></p>
<div class="p"> Before
you can use DCM to verify signatures on objects, you must ensure that certain
prerequisite conditions are met: <ul><li>You must have created the *SIGNATUREVERIFICATION certificate store to <a href="rzahurzahu43cpubcertsverify.htm#rzahu43c_pub_certs_verify">manage your
signature verification certificates</a>. <div class="note"><span class="notetitle">Note:</span> You can perform signature
verification while working within the *OBJECTSIGNING certificate store in
cases where you are verifying signatures for objects that were signed on the
same system. The steps that you perform to verify the signature in DCM are
the same in either certificate store. However, the *SIGNATUREVERIFICATION
certificate store must exist and must contain a copy of the certificate that
signed the object even if you perform signature verification while working
within the *OBJECTSIGNING certificate store. </div>
</li>
<li>The *SIGNATUREVERIFICATION certificate store must contain a copy of the
certificate that signed the objects. </li>
<li>The *SIGNATUREVERIFICATION certificate store must contain a copy of the
CA certificate that issued the certificate that signed the objects.</li>
</ul>
</div>
<p><span class="uicontrol">Use DCM to verify signatures on objects</span></p>
<p>To
use DCM to verify object signatures, follow these steps: </p>
</div>
<ol><li class="stepexpand"><span><a href="rzahurzahu66adcmstart.htm#rzahu66a-dcm_start">Start
DCM</a>.</span> </li>
<li class="stepexpand"><span>In the navigation frame, click <span class="uicontrol">Select a Certificate
Store</span> and select <span class="uicontrol">*SIGNATUREVERIFICATION</span> as
the certificate store to open.</span> <div class="note"><span class="notetitle">Note:</span> If you have questions about
how to complete a specific form while using DCM, select the question mark
(<span class="uicontrol">?</span>) at the top of the page to access the online help. </div>
</li>
<li class="stepexpand"><span>Enter the password for the *SIGNATUREVERIFICATION certificate store
and click <span class="uicontrol">Continue</span>.</span></li>
<li class="stepexpand"><span>After the navigation frame refreshes, select <span class="uicontrol">Manage
Signable Objects</span> to display a list of tasks.</span></li>
<li class="stepexpand"><span>From the list of tasks, select <span class="uicontrol">Verify object signature</span> to
specify the location of the objects for which you want to verify signatures.</span></li>
<li class="stepexpand"><span>In the field provided, enter the fully qualified path and file
name of the object or directory of objects for which you want to verify signatures
and click <span class="uicontrol">Continue</span>. Or, enter a directory location
and click <span class="uicontrol">Browse</span> to view the contents of the directory
to select objects for signature verification.</span> <div class="note"><span class="notetitle">Note:</span> You can also
use certain wildcard characters to describe the part of the directory that
you want to verify. These wildcard characters are the asterisk (<span class="uicontrol">*</span>),
which specifies "any number of characters," and the question mark (<span class="uicontrol">?</span>),
which specifies "any single character." For example, to sign all the objects
in a specific directory, you might enter <samp class="codeph">/mydirectory/*</samp>;
to sign all the programs in a specific library, you might enter <samp class="codeph">/QSYS.LIB/QGPL.LIB/*.PGM</samp>.
You can use these wildcard characters only in the last part of the path name;
for example, <samp class="codeph">/mydirectory*/filename</samp> results in an error message.
If you want to use the Browse function to see a list of library or directory
contents, you must enter the wildcard as part of the path name before clicking <span class="uicontrol">Browse</span>.</div>
</li>
<li class="stepexpand"><span>Select the processing options that you want to use for verifying
the signature on the selected object or objects and click <span class="uicontrol">Continue</span>. </span> <div class="note"><span class="notetitle">Note:</span> If you choose to wait for job results, the results file displays
directly in your browser. Results for the current job are appended to the
end of the results file. Consequently, the file may contain results from any
previous jobs, in addition to those of the current job. You can use the date
field in the file to determine which lines in the file apply to the current
job. The date field is in YYYYMMDD format. The first field in the file can
be either the message ID (if an error occurred during processing the object)
or the date field (indicating the date on which the job processed). </div>
</li>
<li class="stepexpand"><span>Specify the fully qualified path and file name to use for storing
job results for the signature verification operation and click <span class="uicontrol">Continue</span>.
Or, enter a directory location and click <span class="uicontrol">Browse</span> to
view the contents of the directory to select a file for storing the job results.
A message displays to indicate that the job was submitted to verify object
signatures. To view the job results, see job <span class="uicontrol">QOBJSGNBAT</span> in
the job log.</span></li>
</ol>
<div class="section"> <p>You can also, use DCM to view information about the certificate
that signed an object. This allows you to determine whether the object is
from a source that you trust before you work with the object.</p>
</div>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzahurzahumanagedcm.htm" title="Use this information to learn how to use DCM to manage your certificates and the applications that use them. Also, you can learn about how to digitally sign objects and how to create and operate your own Certificate Authority.">Manage DCM</a></div>
</div>
<div class="relconcepts"><strong>Related concepts</strong><br />
<div><a href="rzahurzahusignsigningobjects.htm" title="Use this information to learn how to use certificates to ensure an object's integrity or to verify the digital signature on an object to verify its authenticity.">Digital certificates for signing objects</a></div>
</div>
<div class="reltasks"><strong>Related tasks</strong><br />
<div><a href="rzahurzahu43cpubcertsverify.htm" title="You can use Digital Certificate Manager (DCM) to manage the signature verification certificates that you use to validate digital signatures on objects.">Manage certificates for verifying object signatures</a></div>
</div>
</div>
</body>
</html>