friedkiwi/ibm-information-center
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
master
ibm-information-center/dist/eclipse/plugins/i5OS.ic.apis_5.4.0.1/qycugsuc.htm

345 lines
9.2 KiB
HTML
Raw Permalink Blame History

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="Copyright" content="Copyright (c) 2006 by IBM Corporation">
<title>Generate and Sign User Certificate Request (QYCUGSUC) API</title>
<!-- Begin Header Records ========================================= -->
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<!-- Created by Barb Smith for V5R2 -->
<!-- at RCHVMW2 on 17 Feb 1999 at 11:05:09 -->
<!-- Change History: -->
<!-- YYMMDD USERID Change description -->
<!-- End Header Records -->
<link rel="stylesheet" type="text/css" href="../rzahg/ic.css">
</head>
<body>
<a name="Top_Of_Page"></a>
<!-- Java sync-link -->
<script type="text/javascript" language="Javascript" src="../rzahg/synch.js">
</script>
<h2>Generate and Sign User Certificate Request (QYCUGSUC) API</h2>
<div class="box" style="width: 80%;">
<br>
&nbsp;&nbsp;Required Parameter Group:<br>
<!-- iddvc RMBR -->
<br>
<table width="100%">
<tr>
<td align="center" valign="top" width="10%">1</td>
<td align="left" valign="top" width="50%">User name</td>
<td align="left" valign="top" width="20%">Input</td>
<td align="left" valign="top" width="20%">Char(*)</td>
</tr>
<tr>
<td align="center" valign="top">2</td>
<td align="left" valign="top">Organization</td>
<td align="left" valign="top">Input</td>
<td align="left" valign="top">Char(*)</td>
</tr>
<tr>
<td align="center" valign="top">3</td>
<td align="left" valign="top">Organization unit</td>
<td align="left" valign="top">Input</td>
<td align="left" valign="top">Char(*)</td>
</tr>
<tr>
<td align="center" valign="top">4</td>
<td align="left" valign="top">City</td>
<td align="left" valign="top">Input</td>
<td align="left" valign="top">Char(*)</td>
</tr>
<tr>
<td align="center" valign="top">5</td>
<td align="left" valign="top">State</td>
<td align="left" valign="top">Input</td>
<td align="left" valign="top">Char(*)</td>
</tr>
<tr>
<td align="center" valign="top">6</td>
<td align="left" valign="top">Country or region</td>
<td align="left" valign="top">Input</td>
<td align="left" valign="top">Char(*)</td>
</tr>
<tr>
<td align="center" valign="top">7</td>
<td align="left" valign="top">Public key</td>
<td align="left" valign="top">Input</td>
<td align="left" valign="top">Char(*)</td>
</tr>
<tr>
<td align="center" valign="top">8</td>
<td align="left" valign="top">E-mail address</td>
<td align="left" valign="top">Input</td>
<td align="left" valign="top">Char(*)</td>
</tr>
<tr>
<td align="center" valign="top">9</td>
<td align="left" valign="top">File to store signed certificate</td>
<td align="left" valign="top">Input</td>
<td align="left" valign="top">Char(*)</td>
</tr>
</table>
<br>
&nbsp;&nbsp;Returned Value:<br>
<!-- iddvc RMBR -->
<br>
<table width="100%">
<tr>
<td align="center" valign="top" width="10%">&nbsp;</td>
<td align="left" valign="top" width="50%">Return code</td>
<td align="left" valign="top" width="20%">Output</td>
<td align="left" valign="top" width="20%">Binary(4)</td>
</tr>
</table>
<br>
&nbsp;&nbsp;Default Public Authority: *USE<br>
<!-- iddvc RMBR -->
<br>
&nbsp;&nbsp;Threadsafe: No<br>
<!-- iddvc RMBR -->
<br>
</div>
<p>The Generate and Sign User Certificate Request (QYCUGSUC) API generates
a user certificate request and then signs the certificate request using the
local Certificate Authority (CA). The request to generate and sign the user
certificate request must come from a Netscape, or compatible, browser session.
The call to this program must be made using the DTW_DIRECTCALL language
environment in Net.Data.</p>
<p>Error information is returned as a return value from this program. The error
code value can be captured using the RETURNS keyword on the function definition
that uses DTW_DIRECTCALL.</p>
<br>
<h3>Authorities and Locks</h3>
<dl>
<dt><em>User Profile Authority</em></dt>
<dd>Caller of this API must have *ALLOBJ and *SECADM special authorities</dd>
<dt><em>API Public Authority</em></dt>
<dd>*USE</dd>
</dl>
<br>
<h3>Required Parameter Group</h3>
<dl>
<dt><strong>User name</strong></dt>
<dd>INPUT; CHAR(*)
<p>The name of the user for which the certificate request was made. This is a
required field.</p>
</dd>
<dt><strong>Organization</strong></dt>
<dd>INPUT; CHAR(*)
<p>The organization information for the user. This is a required field.</p>
</dd>
<dt><strong>Organization unit</strong></dt>
<dd>INPUT; CHAR(*)
<p>The organization unit information for the user. This may be a NULL
string.</p>
</dd>
<dt><strong>City</strong></dt>
<dd>INPUT; CHAR(*)
<p>The city information for the user. This may be a NULL string.</p>
</dd>
<dt><strong>State</strong></dt>
<dd>INPUT; CHAR(*)
<p>The state information for the user. This is a required field.</p>
</dd>
<dt><strong>Country or region</strong></dt>
<dd>INPUT; CHAR(*)
<p>The country or region information for the user. This is a required field.</p>
</dd>
<dt><strong>Public key</strong></dt>
<dd>INPUT; CHAR(*)
<p>The public key for the certificate request. This value is generated using
the "keygen" HTML directive. This is a required field.</p>
</dd>
<dt><strong>E-mail address</strong></dt>
<dd>Input; CHAR(*)
<p>The e-mail address for the user. This may be a NULL string.</p>
</dd>
<dt><strong>File to store signed certificate</strong></dt>
<dd>Input; CHAR(*)
<p>The absolute pathname for the file in which the signed certificate is
stored. The file will be created if it does not exist. If the file already
exists, the contents of the file will be replaced. This is a required
field.</p>
<p>This parameter is assumed to be represented in the CCSID (coded character
set identifier) currently in effect for the job. If the CCSID of the job is
65535, this parameter is assumed to be represented in the default CCSID of the
job.</p>
</dd>
</dl>
<br>
<h3>Return Codes</h3>
<table width="100%" cellpadding="5">
<tr>
<th align="center" valign="top">Message ID</th>
<th align="left" valign="top">Error Message Text</th>
</tr>
<tr>
<td align="center" valign="top" width="15%">0</td>
<td align="left" valign="top" width="85%">Certificate was successfully
signed.</td>
</tr>
<tr>
<td align="center" valign="top">-99</td>
<td align="left" valign="top">Unexpected error.</td>
</tr>
<tr>
<td align="center" valign="top">71</td>
<td align="left" valign="top">Unable to allocate storage.</td>
</tr>
<tr>
<td align="center" valign="top">93</td>
<td align="left" valign="top">The local Certificate Authority (CA) does not
exist. Use Digital Certificate Manager (DCM) to create the local CA.</td>
</tr>
<tr>
<td align="center" valign="top">95</td>
<td align="left" valign="top">The password for the Local Certificate Authority
(CA) certificate store is not stashed. Use DCM to change the password for the
Local CA certificate store.</td>
</tr>
<tr>
<td align="center" valign="top">3843</td>
<td align="left" valign="top">The state value is too short. It must be at least
3 characters.</td>
</tr>
<tr>
<td align="center" valign="top">3845</td>
<td align="left" valign="top">The caller of this API does not have *ALLOBJ and
*SECADM special authorities.</td>
</tr>
<tr>
<td align="center" valign="top">3857</td>
<td align="left" valign="top">The organization value is required.</td>
</tr>
<tr>
<td align="center" valign="top">3859</td>
<td align="left" valign="top">The country or region value is not valid. It must be 2
characters.</td>
</tr>
<tr>
<td align="center" valign="top">3956</td>
<td align="left" valign="top">The local CA does not allow creation of user
certificates. You must change the policy data for the local CA using DCM.</td>
</tr>
<tr>
<td align="center" valign="top">4003</td>
<td align="left" valign="top">Certificate to be signed is not valid.</td>
</tr>
</table>
<br>
<br>
<h3>Example</h3>
<p>See <a href="../apiref/aboutapis.htm#codedisclaimer">Code disclaimer information</a>
for information pertaining to code examples.</p>
<p>The following is an example of a function call to this program using
Net.Data.</p>
<pre>
%function(DTW_DIRECTCALL) signcert(IN CHAR(10) userName,
IN CHAR(64) orgName,
IN CHAR(64) orgUnitName,
IN CHAR(128) city,
IN CHAR(128) state,
IN CHAR(2) countryRegion,
IN CHAR(1024) publicKey,
IN CHAR(128) email,
IN CHAR(128) storeFile) RETURNS(retVal) {
%EXEC { /QSYS.LIB/QICSS.LIB/QYCUGSUC.PGM %}
%}
</pre>
<br>
<hr>
API introduced: V5R2
<hr>
<center>
<table cellpadding="2" cellspacing="2">
<tr align="center">
<td valign="middle" align="center"><a href="#Top_Of_Page">Top</a> | <a href=
"sec.htm">Security APIs</a> | <a href="aplist.htm">APIs by category</a></td>
</tr>
</table>
</center>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink