ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzahu_5.4.0.1/rzahustep1completeplanningworksheets.htm

128 lines
7.8 KiB
HTML
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow" />
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<meta name="DC.Type" content="task" />
<meta name="DC.Title" content="Complete planning work sheets" />
<meta name="DC.Relation" scheme="URI" content="rzahudcmintaccessscen.htm" />
<meta name="DC.Relation" scheme="URI" content="rzahustep2createaserverorclientcertificaterequest.htm" />
<meta name="copyright" content="(C) Copyright IBM Corporation 2000, 2006" />
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2000, 2006" />
<meta name="DC.Format" content="XHTML" />
<meta name="DC.Identifier" content="rzahustep1completeplanningworksheets" />
<meta name="DC.Language" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
<link rel="stylesheet" type="text/css" href="./ic.css" />
<title>Complete planning work sheets</title>
</head>
<body id="rzahustep1completeplanningworksheets"><a name="rzahustep1completeplanningworksheets"><!-- --></a>
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
<h1 class="topictitle1">Complete planning work sheets</h1>
<div><div class="section"><p>The following planning work sheets demonstrate the information
that you need to gather and the decisions you need to make to prepare the
digital certificate implementation that this scenario describes. To ensure
a successful implementation, you need to be able to answer <samp class="codeph">Yes</samp> to
all prerequisite items and you need to have gathered all the information requested
before you perform any configuration tasks.</p>
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" frame="border" border="1" rules="all"><caption>Table 1. Certificate implementation
prerequisite planning work sheet</caption><thead align="left"><tr><th valign="top" id="d0e24">Prerequisite work sheet</th>
<th valign="top" id="d0e26">Answers</th>
</tr>
</thead>
<tbody><tr><td valign="top" headers="d0e24 ">Is your <span class="keyword">i5/OS™</span> V5R42
(5722-SS1)?</td>
<td valign="top" headers="d0e26 "><samp class="codeph">Yes</samp></td>
</tr>
<tr><td valign="top" headers="d0e24 ">Is option 34 of <span class="keyword">i5/OS</span> installed
on your system?</td>
<td valign="top" headers="d0e26 "><samp class="codeph">Yes</samp></td>
</tr>
<tr><td valign="top" headers="d0e24 ">Is the <span class="keyword">IBM<sup>®</sup> HTTP Server for i5/OS</span> (5722DG1)
installed on your system and Administrative server instance started?</td>
<td valign="top" headers="d0e26 "><samp class="codeph">Yes</samp></td>
</tr>
<tr><td valign="top" headers="d0e24 ">Is TCP configured for your system so that you can use
a Web browser and the HTTP Server Administrative server instance to access
DCM?</td>
<td valign="top" headers="d0e26 "><samp class="codeph">Yes</samp></td>
</tr>
<tr><td valign="top" headers="d0e24 ">Do you have *SECADM and *ALLOBJ special authorities?</td>
<td valign="top" headers="d0e26 "><samp class="codeph">Yes</samp></td>
</tr>
</tbody>
</table>
</div>
<p>You need to gather the following information about your digital
certificate implementation to perform the necessary configuration tasks to
complete the implementation:</p>
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" frame="border" border="1" rules="all"><caption>Table 2. Certificate implementation configuration
planning work sheet</caption><thead align="left"><tr><th valign="top" id="d0e84">Planning work sheet for <span class="keyword">iSeries™</span> A</th>
<th valign="top" id="d0e90">Answers</th>
</tr>
</thead>
<tbody><tr><td valign="top" headers="d0e84 ">Will you operate your own Local CA or obtain certificates
for your application from a public CA?</td>
<td valign="top" headers="d0e90 "><samp class="codeph">Obtain certificate from public CA</samp></td>
</tr>
<tr><td valign="top" headers="d0e84 ">Does <span class="keyword">iSeries</span> A
host the applications that you want to enable for SSL?</td>
<td valign="top" headers="d0e90 "><samp class="codeph">Yes</samp></td>
</tr>
<tr><td valign="top" headers="d0e84 ">What distinguished name information will you use for
the certificate signing request (CSR) that you use DCM to create? <ul><li><span class="uicontrol">Key size</span>: determines strength of cryptographic
keys for certificate.</li>
<li><span class="uicontrol">Certificate label</span>: identifies the certificate with
a unique string of characters. </li>
<li><span class="uicontrol">Common name</span>: identifies the owner of the certificate,
such as a person, entity, or application; part of the Subject DN for the certificate.</li>
<li><span class="uicontrol">Organization unit</span>: identifies the organizational
section or area for the application that will use this certificate.</li>
<li><span class="uicontrol">Organization name</span>: identifies your company or divisional
section for the application that will use this certificate.</li>
<li><span class="uicontrol">Locality or city</span>: identifies your city or a locality
designation for your organization.</li>
<li><span class="uicontrol">State or province</span>: identifies the state or province
in which you will use this certificate.</li>
<li><span class="uicontrol">Country or region</span>: identifies, with a two-letter
designation, the country or region in which you will use this certificate.</li>
</ul>
</td>
<td valign="top" headers="d0e90 "><span class="uicontrol">Key size</span>: <samp class="codeph">1024</samp><span class="uicontrol">Certificate
label</span>: <samp class="codeph">Myco_public_cert</samp><span class="uicontrol">Common name</span>: <samp class="codeph">myco_rate_server@myco.com</samp><span class="uicontrol">Organization
unit</span>: <samp class="codeph">Rate dept</samp><span class="uicontrol">Organization name</span>: <samp class="codeph">myco</samp><span class="uicontrol">Locality
or city</span>: <samp class="codeph">Any_city</samp><span class="uicontrol">State or province</span>: <samp class="codeph">Any</samp><span class="uicontrol">Country
or region</span>: <samp class="codeph">ZZ</samp></td>
</tr>
<tr><td valign="top" headers="d0e84 ">What is the DCM application ID for the application that
you want to configure to use SSL?</td>
<td valign="top" headers="d0e90 "><samp class="codeph">mcyo_agent_rate_app</samp></td>
</tr>
<tr><td valign="top" headers="d0e84 ">Will you configure the SSL-enabled application to use
certificates for client authentication? If yes, which CAs do you want to
add to the application's CA trust list?</td>
<td valign="top" headers="d0e90 "><samp class="codeph">No</samp></td>
</tr>
</tbody>
</table>
</div>
</div>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzahudcmintaccessscen.htm" title="In this scenario, you lean when and how to use certificates as an authentication mechanism to protect and limit access by public users to public or extranet resources and applications.">Scenario: Use certificates for external authentication</a></div>
<div class="nextlink"><strong>Next topic:</strong> <a href="rzahustep2createaserverorclientcertificaterequest.htm">Create a server or client certificate request</a></div>
</div>
</div>
</body>
</html>