Question & Answer
Question
How do I use Client Certificates with IBM i Access Client Solutions
Cause
The KeyManager for IBM i Access Client Solutions does not provide an option to add Client Certificates to the Key store on the pc.
Answer
When you create a Client Certificate (User) in DCM and install it to the browser you will want to create a Backup of that Client Certificate and put it in a folder on the pc. If you select the option to create a backup it will have a file extension of p12.
2) Go to the TLS/SSL on the left hand side.
Certificate Source: KeyStore File Path
KeyStore File Path: Location of the user cert (in this case my desktop)
Certificate Name: Use the Drop Down to select the users certificate
How often to Prompt: Select Option that you want. (First time you will need to add the password of the
users Certificate -set when you created the backup from browser)
3) To verify that the session is using the users Certificate...go to Communication -Security ... on Session and Select Show Client Certificate...This will show the users certificate details.
ie: C:\Users\Public\Public Documents\IBM\ACS_User_Certs
To configure the session you will need to do the following:
1) Go to Communication and Configure and select Protocol: Telnet-TLS/SSL
2) Go to the TLS/SSL on the left hand side.
Certificate Source: KeyStore File Path
KeyStore File Path: Location of the user cert (in this case my desktop)
Certificate Name: Use the Drop Down to select the users certificate
How often to Prompt: Select Option that you want. (First time you will need to add the password of the
users Certificate -set when you created the backup from browser)
3) To verify that the session is using the users Certificate...go to Communication -Security ... on Session and Select Show Client Certificate...This will show the users certificate details.
NOTE:
You can now import the client certificate into Access Client Solutions KeyManagement
1) Go to Tools from the Main User Interface of Client Solutions and select KeyManagement
2) From the Key Database Content use the drop down arrow to select Personal Certificates
3) Select Import on the Lower Right corner
4) Navigate to where the client cert is and follow the prompts to import it.
Once that is done you can use the
[{"Product":{"code":"SWG60","label":"IBM i"},"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Component":"Access Client Solutions","Platform":[{"code":"PF012","label":"IBM i"}],"Version":"Version Independent","Edition":"","Line of Business":{"code":"LOB57","label":"Power"}}]
Was this topic helpful?
Document Information
Modified date:
16 December 2020
UID
nas8N1022570