Configuration details: Secure a client connection to your Management Central server with SSL

This topic shows the expanded configurations steps for using SSL to secure a client connection to your Management Central server.

The following information assumes you have read through the Scenario: Secure a client connection to your Management Central server with SSL.

In this scenario, an iSeries™ server is specified as the central system in a company's local area network (LAN). Bob uses the Management Central server on the central system (referred to here as System A) to manage the endpoints on the company network. The following information explains how to perform the steps required to secure an external client connection to the Management Central server. Follow along as Bob completes the scenario configuration steps.

Parent topic: Scenario: Secure a client connection to your Management Central server with SSL
Related concepts
SSL prerequisites
Related tasks
Prerequisites and assumptions:
Related information
Set up certificates for the first time

Step 1: Deactivate SSL for the iSeries Navigator client

This step is only necessary if you have already enabled SSL for the iSeries Navigator client.
  1. In iSeries Navigator, expand My Connections.
  2. Right-click System A and select Properties.
  3. Click the Secure Sockets tab and deselect Use Secure Sockets Layer (SSL) for connection.
  4. Exit iSeries Navigator and restart it.

The padlock disappears from the Management Central container in iSeries Navigator, indicating an unsecured connection. This indicates to Bob that he no longer has an SSL-secured connection between his client and the central system of his company.

Step 2: Set the authentication level for the Management Central server

  1. In iSeries Navigator, right-click Management Central, and select Properties.
  2. Click the Security tab, and select Use Secure Sockets Layer (SSL).
  3. Select Any for the authentication level (available on V5R3 or later of iSeries Access for Windows®).
  4. Click OK to set this value on the central system.

Step 3: Restart the Management Central server on the central system

  1. In iSeries Navigator, expand My Connections.
  2. On System A, expand Network-->Servers and select TCP/IP.
  3. Right-click Management Central and select Stop. The central system view collapses, and a message displays, explaining you are not connected to the server.
  4. After the Management Central server has stopped, click Start to restart it.

Step 4: Activate SSL for the iSeries Navigator client

  1. In iSeries Navigator, expand My Connections.
  2. Right-click System A and select Properties.
  3. Click the Secure Sockets tab and select Use Secure Sockets Layer (SSL) for connection.
  4. Exit iSeries Navigator and restart it.

A padlock appears next to the Management Central server in iSeries Navigator, indicating an SSL-secured connection. This indicates to Bob that he has successfully activated an SSL-secured connection between his client and the central system of his company.

Note: This procedure only secures the connection between one PC and the Management Central server. Other client connections with the Management Central server, as well as connections from endpoints to the Management Central server, will not be secure. To secure other clients, ensure they meet the prerequisites and repeat Step 4: Activate SSL for the iSeries Navigator client. To secure other connections with the Management Central server, see Scenario: Secure all connections to your Management Central server with SSL.

Optional step: Deactivate SSL for the iSeries Navigator client

If Bob wants to work from the company office and does not want an SSL connection affecting the performance of his PC, he can easily deactivate it by performing the following steps:
  1. In iSeries Navigator, expand My Connections.
  2. Right-click System A and select Properties.
  3. Click the Secure Sockets tab and deselect Use Secure Sockets Layer (SSL) for connection.
  4. Exit iSeries Navigator and restart it.