friedkiwi/ibm-information-center
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
14ed2849c6
ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzaiw_5.4.0.1/rzaiwconfiguresslclientauth.htm

105 lines
8.1 KiB
HTML
Raw Blame History

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow" />
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<meta name="DC.Type" content="task" />
<meta name="DC.Title" content="Enable client authentication for the Telnet server" />
<meta name="abstract" content="The Telnet server supports the authentication of Telnet client certificates. This means that during the SSL handshake, not only will the server generate a server certificate for the client, but also can optionally check for a valid client certificate depending on how Digital Certificate Manager (DCM) is configured." />
<meta name="description" content="The Telnet server supports the authentication of Telnet client certificates. This means that during the SSL handshake, not only will the server generate a server certificate for the client, but also can optionally check for a valid client certificate depending on how Digital Certificate Manager (DCM) is configured." />
<meta name="DC.Relation" scheme="URI" content="rzaiwssltel.htm" />
<meta name="DC.Relation" scheme="URI" content="rzaiwconfiguresslcert.htm" />
<meta name="DC.Relation" scheme="URI" content="rzaiwconfiguresslenable.htm" />
<meta name="DC.Relation" scheme="URI" content="rzaiwconfiguresslclientauthex.htm" />
<meta name="DC.Relation" scheme="URI" content="rzaiwconfiguresslcert.htm" />
<meta name="DC.Relation" scheme="URI" content="../rzahu/rzahurzahu66adcmstart.htm" />
<meta name="DC.Relation" scheme="URI" content="rzaiwconfiguresslenable.htm" />
<meta name="copyright" content="(C) Copyright IBM Corporation 1998, 2006" />
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 1998, 2006" />
<meta name="DC.Format" content="XHTML" />
<meta name="DC.Identifier" content="rzaiwconfiguresslclientauth" />
<meta name="DC.Language" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
<link rel="stylesheet" type="text/css" href="./ic.css" />
<title>Enable client authentication for the Telnet server</title>
</head>
<body id="rzaiwconfiguresslclientauth"><a name="rzaiwconfiguresslclientauth"><!-- --></a>
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
<h1 class="topictitle1">Enable client authentication for the Telnet server</h1>
<div><p>The Telnet server supports the authentication of Telnet client
certificates. This means that during the SSL handshake, not only will the
server generate a server certificate for the client, but also can optionally
check for a valid client certificate depending on how Digital Certificate
Manager (DCM) is configured.</p>
<div class="section"><p>The DCM will allow you to configure whether SSL Client Certificates
are required for Telnet sessions.</p>
<p>In order to activate this support,
the System Administrator will indicate how SSL support will be handled. Use
the Telnet Properties General panel in iSeries™ Navigator to indicate whether
SSL, non-SSL, or support for both will start when the Telnet server starts.
By default, the SSL and non-SSL support always starts.</p>
<p>The System Administrator
has the ability to indicate whether the system requires SSL client authentication
for all Telnet sessions. When SSL is active and the system requires client
authentication, the presence of a valid client certificate means that the
client is trusted.</p>
<p>The system applies any negotiated RFC 2877 variables,
and Telnet User exits variables after the satisfaction of SSL controls.</p>
<p>To
update the application specifications in IBM<sup>®</sup> DCM and enable client authentication
for the Telnet server, follow these steps:</p>
</div>
<ol><li><span>Start IBM Digital DCM. If you need to obtain or create certificates,
or otherwise setup or change your certificate system, do so now. See <a href="../rzahu/rzahurzahu401usingdcm.htm" target="_blank">Configure
DCM</a> for information on setting up a certificate system.</span></li>
<li><span>Click <span class="uicontrol">Select a Certificate Store</span>.</span></li>
<li><span>Select <span class="uicontrol">*SYSTEM</span>. Click <span class="uicontrol">Continue</span>.</span></li>
<li><span>Enter the appropriate password for *SYSTEM certificate store. Click <span class="uicontrol">Continue</span>.</span></li>
<li><span>When the left navigational menu reloads, expand <span class="uicontrol">Manage
Applications</span>.</span></li>
<li><span>Click <span class="uicontrol">Update application definition</span>.</span></li>
<li><span>On the next panel, select <span class="uicontrol">Server</span> application.
Click <span class="uicontrol">Continue</span>.</span></li>
<li><span>Select <span class="uicontrol">i5/OS TCP/IP Telnet Server</span>.</span></li>
<li><span>Click <span class="uicontrol">Update Application Definition</span>.</span></li>
<li><span>In the table that displays, select <span class="uicontrol">Yes</span> to
require client authentication.</span></li>
<li><span>Click <span class="uicontrol">Apply</span>.</span></li>
<li><span>DCM reloads to the <span class="uicontrol">Update Application Definition</span> page
with a confirmation message. When you are finished updating the application
definition for the Telnet server, click <span class="uicontrol">Done</span>.</span></li>
</ol>
<div class="section"><p>For an example of what a client needs to do to enable client authentication
by certificate for a Telnet application, see <a href="rzaiwconfiguresslclientauthex.htm">Example: Enable client authentication for a PC5250 session</a>.</p>
<p><strong>What
to do next:</strong></p>
<p>Enable SSL on the Telnet server.</p>
</div>
</div>
<div>
<ul class="ullinks">
<li class="ulchildlink"><strong><a href="rzaiwconfiguresslclientauthex.htm">Example: Enable client authentication for a PC5250 session</a></strong><br />
After you have configured SSL for the Telnet server and specified to use client authentication, users will be required to provide a valid and trusted client certificate to the Telnet server for each connection attempt.</li>
</ul>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzaiwssltel.htm" title="Use this topic to set up SSL on your iSeries server.">Configure SSL on the Telnet server</a></div>
<div class="previouslink"><strong>Previous topic:</strong> <a href="rzaiwconfiguresslcert.htm" title="When you enable the Telnet server on your system to use SSL, you can establish secure Telnet connections to your system from iSeries Access for Windows or from any other SSL-enabled Telnet client, such as a Personal Communications emulator.">Assign a certificate to the Telnet server</a></div>
<div class="nextlink"><strong>Next topic:</strong> <a href="rzaiwconfiguresslenable.htm" title="You can use this topic to understand how to enable SSL on the Telnet server.">Enable SSL on the Telnet server</a></div>
</div>
<div class="reltasks"><strong>Related tasks</strong><br />
<div><a href="rzaiwconfiguresslcert.htm" title="When you enable the Telnet server on your system to use SSL, you can establish secure Telnet connections to your system from iSeries Access for Windows or from any other SSL-enabled Telnet client, such as a Personal Communications emulator.">Assign a certificate to the Telnet server</a></div>
<div><a href="../rzahu/rzahurzahu66adcmstart.htm">Start IBM Digital Digital Certificate Manager (DCM)</a></div>
<div><a href="rzaiwconfiguresslenable.htm" title="You can use this topic to understand how to enable SSL on the Telnet server.">Enable SSL on the Telnet server</a></div>
</div>
</div>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink