Use this information to learn how to get started managing certificates from a public Internet Certificate Authority (CA) or how to create and operate a private Local CA to issue certificates.
The left frame of Digital Certificate Manager (DCM) is the task navigation frame. You can use this frame to select a wide variety of tasks for managing certificates and the applications that use them. Which tasks are available depends on which certificate store (if any) you work with and your user profile special authorities. Most tasks are available only if you have *ALLOBJ and *SECADM special authorities. To use DCM to verify object signatures, your user profile must also have *AUDIT special authority.
Even if certificate stores already exist on your system (for example, you are migrating from an earlier version of DCM), DCM displays only a limited number of tasks or task categories in the left navigation frame. Which tasks or categories DCM displays varies based on the certificate store (if any) that is open and the special authorities for your user profile.
You must first access the appropriate certificate store before you can begin working with most certificate and application management tasks. To open a specific certificate store, click Select a Certificate Store in the navigation frame.
The navigation frame of DCM also provides a Secure Connection button. You can use this button to display a second browser window to initiate a secure connection by using Secure Sockets Layer (SSL). To use this function successfully, you must first configure the IBM® HTTP Server for i5/OS™ to use SSL to operate in secure mode. You must then start the HTTP Server in secure mode. If you have not configured and started the HTTP Server for SSL operation, you will see an error message and your browser will not start a secure session.
Getting started
Although you may want to use certificates to accomplish a number of security-related goals, what you do first depends on how you plan to obtain your certificates. There are two primary paths that you can take when you first use DCM, based on whether you intend to use public certificates versus issuing private certificates.