AS/400 Internet Security: Developing a Digital Certificate Infrastructure
An IBM Redbooks publication
Note: This is publication is now archived. For reference only.
This IBM Redbooks publication is the first publication that shows in a complete picture how digital certificates can be used for security on the AS/400 system.
One of the reasons why many customers should consider using digital certificates is to secure their Internet and intranet applications. Everybody knows that nowadays almost every Internet application requires a user ID and password to get access to it. And of course it is very likely that one user never gets a single user ID for different applications, which means a user has to remember several user IDs and passwords. The worst case is that users start to write down their passwords, which weakens the security policies that are in place. The answer to get rid of many user IDs and passwords is using digital certificates.
For applications and servers that already support client authentication through digital certificates, there is no need to use User IDs and passwords anymore. A single certificate issued by a well-known Certificate Authority can serve as an identifier of an entity for many applications.
This book describes what you can do with digital certificates on the AS/400 system . It explains how to set up the various servers and clients to use certificates. Further it provides information and sample code of how to use AS/400 system APIs to manage and use digital certificates in user applications.
It also gives a basic introduction to the terms and technologies used when dealing with digital certificates and the Secured Socket Layer protocol.
Chapter 1. Introduction to Digital Certificates
Chapter 2. Secured Sockets Layer protocol overview
Chapter 3. Introducing Digital Certificate Management APIs
Chapter 4. Securing the HTTP Server for AS/400
Chapter 5. Digital Certificate Manager for AS/400
Chapter 6. Enabling SSL on AS/400 standard server applications
Chapter 7. Introducing Digital Certificates in User Applications
Chapter 8. Example Application: Using APIs with ILE RPG
Chapter 9. Example Application: Using Certificates in Java
Appendix A. Cryptographic product regulations
Appendix B. Enabling SSL for the *ADMIN HTTP server
Appendix C. Obtaining a digital certificate
Appendix D. Sample Java program using SSL