81 lines
5.5 KiB
HTML
81 lines
5.5 KiB
HTML
<?xml version="1.0" encoding="UTF-8"?>
|
|
<!DOCTYPE html
|
|
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
|
<html lang="en-us" xml:lang="en-us">
|
|
<head>
|
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
|
<meta name="security" content="public" />
|
|
<meta name="Robots" content="index,follow" />
|
|
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
|
|
<meta name="DC.Type" content="task" />
|
|
<meta name="DC.Title" content="Manage the request location for a PKIX CA" />
|
|
<meta name="abstract" content="A Public Key Infrastructure for X.509 (PKIX) Certificate Authority (CA) is a CA that issues certificates based on the newest Internet X.509 standards for implementing a public key infrastructure." />
|
|
<meta name="description" content="A Public Key Infrastructure for X.509 (PKIX) Certificate Authority (CA) is a CA that issues certificates based on the newest Internet X.509 standards for implementing a public key infrastructure." />
|
|
<meta name="DC.Relation" scheme="URI" content="rzahurzahumanagedcm.htm" />
|
|
<meta name="DC.Relation" scheme="URI" content="rzahurzahu66cdcminternetcertsr4.htm" />
|
|
<meta name="copyright" content="(C) Copyright IBM Corporation 2000, 2006" />
|
|
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2000, 2006" />
|
|
<meta name="DC.Format" content="XHTML" />
|
|
<meta name="DC.Identifier" content="rzahupkix_manage_pkix_location" />
|
|
<meta name="DC.Language" content="en-us" />
|
|
<!-- All rights reserved. Licensed Materials Property of IBM -->
|
|
<!-- US Government Users Restricted Rights -->
|
|
<!-- Use, duplication or disclosure restricted by -->
|
|
<!-- GSA ADP Schedule Contract with IBM Corp. -->
|
|
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
|
|
<link rel="stylesheet" type="text/css" href="./ic.css" />
|
|
<title>Manage the request location for a PKIX CA</title>
|
|
</head>
|
|
<body id="rzahupkix_manage_pkix_location"><a name="rzahupkix_manage_pkix_location"><!-- --></a>
|
|
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
|
|
<h1 class="topictitle1">Manage the request location for a PKIX CA</h1>
|
|
<div><p>A Public Key Infrastructure for X.509 (PKIX) Certificate Authority
|
|
(CA) is a CA that issues certificates based on the newest Internet X.509 standards
|
|
for implementing a public key infrastructure. </p>
|
|
<div class="section"> <p>A PKIX CA requires more stringent identification before issuing
|
|
a certificate; usually by requiring that an applicant provide proof of identity
|
|
through a Registration Authority (RA). After the applicant supplies the proof
|
|
of identity that the RA requires, the RA certifies the applicant's identity.
|
|
Either the RA or the applicant, depending on the CAs established procedure,
|
|
submits the certified application to the associated CA. As these standards
|
|
are adopted more widely, PKIX compliant CAs will become more widely available.
|
|
You might investigate using a PKIX compliant CA if your security needs require
|
|
strict access control to resources that your SSL-enabled applications provide
|
|
to users. For example, Lotus<sup>®</sup> Domino<sup>®</sup> provides a PKIX CA for public use.</p>
|
|
<p>If
|
|
you choose to have a PKIX CA issue certificates for your applications to use,
|
|
you can use Digital Certificate Manager (DCM) to manage these certificates.
|
|
You use DCM to configure a URL for a PKIX CA. Doing so configures Digital
|
|
Certificate Manager (DCM) to provide a PKIX CA as an option for obtaining
|
|
signed certificates. </p>
|
|
<p>To use DCM to manage certificates from a PKIX
|
|
CA, you must configure DCM to use the location for the CA by following these
|
|
steps: </p>
|
|
</div>
|
|
<ol><li><span><a href="rzahurzahu66adcmstart.htm#rzahu66a-dcm_start">Start
|
|
DCM</a>.</span></li>
|
|
<li><span>In the navigation frame, select <span class="uicontrol">Manage PKIX Request
|
|
Location</span> to display a form that allows you to specify the URL
|
|
for the PKIX CA or its associated RA.</span></li>
|
|
<li><span>Enter the fully qualified URL for the PKIX CA that you want to
|
|
use for requesting a certificate; for example: <samp class="codeph">http://www.thawte.com</samp> and
|
|
click <span class="uicontrol">Add</span>. Adding the URL configures DCM to add the
|
|
PKIX CA as an option for obtaining signed certificates. </span></li>
|
|
</ol>
|
|
<div class="section"> <div class="p">After you add a PKIX CA request location, DCM adds PKIX CA as
|
|
an option for specifying the type of CA that you can choose for issuing a
|
|
certificate when using the <span class="uicontrol">Create Certificate</span> task. <div class="note"><span class="notetitle">Note:</span> PKIX
|
|
standards are outlined in Request For Comments (RFC) 2560. </div>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
<div>
|
|
<div class="familylinks">
|
|
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzahurzahumanagedcm.htm" title="Use this information to learn how to use DCM to manage your certificates and the applications that use them. Also, you can learn about how to digitally sign objects and how to create and operate your own Certificate Authority.">Manage DCM</a></div>
|
|
</div>
|
|
<div class="relconcepts"><strong>Related concepts</strong><br />
|
|
<div><a href="rzahurzahu66cdcminternetcertsr4.htm" title="Review this information to learn how to manage certificates from a public Internet CA by creating a certificate store.">Manage certificates from a public Internet CA</a></div>
|
|
</div>
|
|
</div>
|
|
</body>
|
|
</html> |