ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzahu_5.4.0.1/rzahumngsyscertapp.htm

91 lines
6.5 KiB
HTML
Raw Normal View History

2024-04-02 14:02:31 +00:00
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow" />
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<meta name="DC.Type" content="task" />
<meta name="DC.Title" content="Manage the certificate assignment for an application" />
<meta name="abstract" content="You must use Digital Certificate Manager (DCM) to assign a certificate to an application before the application can perform a secure function, such as establishing a Secure Sockets Layer (SSL) session or signing an object." />
<meta name="description" content="You must use Digital Certificate Manager (DCM) to assign a certificate to an application before the application can perform a secure function, such as establishing a Secure Sockets Layer (SSL) session or signing an object." />
<meta name="DC.Relation" scheme="URI" content="rzahurzahu444worksecureapps.htm" />
<meta name="copyright" content="(C) Copyright IBM Corporation 2000, 2006" />
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2000, 2006" />
<meta name="DC.Format" content="XHTML" />
<meta name="DC.Identifier" content="mng_sys_cert_app" />
<meta name="DC.Language" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
<link rel="stylesheet" type="text/css" href="./ic.css" />
<title>Manage the certificate assignment for an application</title>
</head>
<body id="mng_sys_cert_app"><a name="mng_sys_cert_app"><!-- --></a>
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
<h1 class="topictitle1">Manage the certificate assignment for an application</h1>
<div><p>You must use Digital Certificate Manager (DCM) to assign a certificate
to an application before the application can perform a secure function, such
as establishing a Secure Sockets Layer (SSL) session or signing an object.</p>
<div class="section"> <p> To assign a certificate to an application, or to change the
certificate assignment for an application, follow these steps:</p>
</div>
<ol><li class="stepexpand"><span><a href="rzahurzahu66adcmstart.htm#rzahu66a-dcm_start">Start
DCM</a>. </span></li>
<li class="stepexpand"><span>Click <span class="uicontrol">Select a Certificate Store</span> and select
the appropriate certificate store. (This is either the *SYSTEM certificate
store or the *OBJECTSIGNING certificate store depending on the type of application
to which you are assigning a certificate.) </span> <div class="note"><span class="notetitle">Note:</span> If you have questions
about how to complete a specific form in this guided task, select the question
mark (<span class="uicontrol">?</span>) at the top of the page to access the online
help. </div>
</li>
<li class="stepexpand"><span>When the Certificate Store and Password page displays, provide
the password that you specified for the certificate store when you created
it and click <span class="uicontrol">Continue</span>.</span></li>
<li class="stepexpand"><span>In the navigation frame, select <span class="uicontrol">Manage Applications</span> to
display a list of tasks.</span></li>
<li class="stepexpand"><span>If you are in the *SYSTEM certificate store, select the type of
application to manage. (Select either <span class="uicontrol">Server</span> or <span class="uicontrol">Client</span> application,
as appropriate.)</span></li>
<li class="stepexpand"><span>From the task list, select <span class="uicontrol">Update certificate assignment</span> to
display a list of applications for which you can assign a certificate. </span></li>
<li class="stepexpand"><span>Select an application from the list and click <span class="uicontrol">Update
Certificate Assignment</span> to display a list of certificates that
you can assign to the application. </span></li>
<li class="stepexpand"><span>Select a certificate from the list and click <span class="uicontrol">Assign
New Certificate</span>. DCM displays a message to confirm your certificate
selection for the application.</span> <div class="note"><span class="notetitle">Note:</span> If you are assigning a certificate
to an SSL-enabled application that supports the use of certificates for client
authentication, you must <a href="rzahumngcaapptrust.htm#mng_ca_app_trust">define
a CA trust list</a> for the application. This ensures that the application
can validate only those certificates from CAs that you specify as trusted.
If users or a client application presents a certificate from a CA that is
not specified as trusted in the CA trust list, the application will not accept
it as a basis for valid authentication.</div>
</li>
</ol>
<div class="section"> <p>When you change or remove a certificate for an application, the
application may or may not be able to recognize the change if the application
is running at the time you change the certificate assignment. For example, <span class="keyword">iSeries™ Access for Windows<sup>®</sup></span> servers will apply any certificate
changes that you make automatically. However, you may need to stop and start
Telnet servers, the <span class="keyword">IBM<sup>®</sup> HTTP Server for i5/OS™</span>,
or other applications before these applications can apply your certificate
changes.</p>
<p>In <span class="keyword">OS/400<sup>®</sup></span> V5R2
or later, you can use the <a href="rzahuassigncert.htm#assigncert">Assign
certificate</a> task when you want to assign a certificate to several applications
at once. </p>
</div>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzahurzahu444worksecureapps.htm" title="This topic provides information about creating application definitions and how to manage an application's certificate assignment. You can learn about defining CA trust lists that applications use as the basis of accepting certificates for client authentication.">Manage applications in DCM</a></div>
</div>
</div>
</body>
</html>