When you enable the Telnet server on your system to use SSL, you
can establish secure Telnet connections to your system from iSeries™ Access
for Windows® or
from any other SSL-enabled Telnet client, such as a Personal Communications
emulator.
Before you can configure the Telnet server to use SSL, you must
have installed the prerequisite programs and set up digital certificates on
your system.
- Start IBM® Digital Certificate Manager (DCM).
  Note: If you have questions about how to complete a specific form while using DCM,
  select the question mark (?) at the top of the page to access the online help.
- In the navigation frame, click Select a Certificate
Store and select either *OBJECTSIGNING or *SYSTEM as
the certificate store to open.
- Enter the password for the certificate store and click Continue.
- After the navigation frame refreshes, select Manage
Certificates to display a list of tasks.
- From the list of tasks, select Assign certificate to
display a list of certificates for the current certificate store.
- Select a certificate from the list and click Assign
to Applications to display a list of application definitions for
the current certificate store.
- Select Telnet from the list and click Continue.
  A page displays either a confirmation message for your assignment selection
  or an error message if a problem occurred.
Note: The iSeries Access for Windows client's key database must contain
a copy of any required Certificate Authority (CA) certificates. In this case,
the key database must hold the CA certificate for the certificate that you
assign to the Telnet server application. The key database comes preconfigured
with copies of CA certificates from almost all well-known public CAs. If you
choose to assign to the Telnet server a certificate that a Local CA issues,
however, you must add a copy of the Local CA certificate to the client
key database. To learn how to add a copy of a Local CA certificate, see
Step 5: Enable SSL on the Telnet client in the Telnet scenario: Secure Telnet
with SSL - Configuration Details.
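The trust requirement in the note above can be reproduced with OpenSSL on a workstation. This is an added example, not part of the IBM procedure: it builds a throwaway Local CA and server certificate (all subjects and file names are constructed) and shows that validation succeeds only when the trust store holds the issuing CA. The check_server host, port and CA file are placeholders you supply.

```shell
#!/usr/bin/env bash
# Added example. All subjects and file names are constructed for illustration.
# ca.pem plays the Local CA; other.pem plays a client trust store that lacks it.

make_demo_pki() {            # $1 = empty work directory
  pki="$1"
  for ca in ca other; do     # two self-signed CAs
    openssl req -x509 -newkey rsa:2048 -nodes -days 2 -subj "/CN=Demo $ca CA" \
      -keyout "$pki/$ca.key" -out "$pki/$ca.pem" 2>/dev/null || return 1
  done
  # Server key and CSR, then a certificate issued by the demo Local CA.
  openssl req -newkey rsa:2048 -nodes -subj "/CN=telnet.example.test" \
    -keyout "$pki/srv.key" -out "$pki/srv.csr" 2>/dev/null || return 1
  openssl x509 -req -in "$pki/srv.csr" -CA "$pki/ca.pem" -CAkey "$pki/ca.key" \
    -CAcreateserial -days 1 -out "$pki/srv.pem" 2>/dev/null
}

# Exit status 0 only if the certificate chains to a CA in the trust file.
client_trusts() {            # $1 = trust store (PEM), $2 = certificate (PEM)
  openssl verify -CAfile "$1" "$2" >/dev/null 2>&1
}

# Same check against a live server. Host, port and CA file are placeholders
# you supply; nothing here comes from the page.
check_server() {             # $1 = host, $2 = port, $3 = Local CA (PEM)
  openssl s_client -connect "$1:$2" -CAfile "$3" -verify_return_error \
    </dev/null >/dev/null 2>&1
}

if [ "${1:-}" = "demo" ]; then
  work=$(mktemp -d)
  make_demo_pki "$work" || exit 1
  client_trusts "$work/ca.pem" "$work/srv.pem" && echo "Local CA in store: trusted"
  client_trusts "$work/other.pem" "$work/srv.pem" || echo "Local CA missing: rejected"
  rm -rf "$work"
fi
```

Run the script with the argument demo to see both outcomes. A failing check_server against your own system after the assignment usually means the CA file you passed is not the CA that issued the assigned certificate.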
The i5/OS® Telnet
server supports client authentication as an optional component in SSL configuration.
Client authentication occurs when the server verifies the identity of the
client by authenticating the client certificate passed up to the server application.
What to do next:
Enable client authentication for the Telnet server (optional step) or
Enable SSL on the Telnet server.