As of V4R4, Digital Certificate Manager (DCM) stores digital certificates in key database files instead of the key ring files that were used in V4R3. DCM started referring to both the old key ring files and the new key database files as certificate stores. The certificate store can also contain the certificate's private key, but in general, only the original certificate store that created the key pair will be stored. So, for example, the copies of CA certificates that are in a system certificate store will not include the private key, but the actual CA certificate store will have both the CA certificate's private and public keys.
There are two types of certificate stores: system certificate stores, used with public CAs and Certificate Authority default certificate stores, used when the system has a local CA on it. DCM controls access to certificate stores through passwords in addition to access control of the IFS directory and the IFS files that constitute the certificate store.
| [ Information Center Home Page | Feedback ] | [ Legal | AS/400 Glossary ] |