Managing path certificates

Normally Windows environment on iSeries automatically generates the digital certificates it needs to securely transfer its own sensitive data between i5/OS and Windows. These are called path certificates. If you suspect a path certificate problem, you can do the following.

• Ensure that 5722-SS1 Option 34 (Digital Certificate Manager) is installed.
• Ensure that i5/OS and Windows have compatible digital certificates by generating new certificates when starting the server. This should only be done in unusual situations, such as when an old version of a storage space for a Windows system drive is restored without restoring the corresponding i5/OS certificate store also. To generate new path certificates using iSeries Navigator, follow these steps:
  1. Expand Integrated Server Administration.
  2. Expand Servers.
  3. Right-click a server from the list available.
  4. Select Start with options...
  5. Check the Regenerate path certificates option.
  6. Click Start.

If you want to use a CL command, see the Generate path certificate (GENPTHCERT) keyword on the Vary Configuration (VRYCFG) command.