Skip to main content

IBM eServer iSeries Wired Network Security: OS/400 V5R1 DCM and Cryptographic Enhancements

An IBM Redbooks publication

Note: This is publication is now archived. For reference only.

thumbnail 

Published on 11 July 2001

  1. .PDF (9.8 MB)


Share this page:   

ISBN-10: 0738422169
ISBN-13: 9780738422169
IBM Form #: SG24-6168-00


Authors: Thomas Barlen, Barbara Barlocco, Colin Grierson, Vanessa Moffitt and Andreas Stadelmann

    menu icon

    Abstract

    With the increasing number of customers that conduct business over the Internet or other untrusted networks, there is a rising demand to protect data traffic. This IBM Redbooks publication focuses on the network security enhancements that are introduced with OS/400 Version 5 Release 1. You learn how to implement and use the new object signing capabilities, so Business Partners and customers can distribute objects over an untrusted network while assuring their integrity. You are guided through the redesigned Digital Certificate Manager (DCM) with its new functions, such as Certificate Revocation List processing.

    For the e-commerce world, availability, security, and performance are critical to business. This book introduces the new 4758 Cryptographic Coprocessor support, which helps improve SSL performance and security. It takes you through the cryptographic coprocessor configuration and explains how to use it by DCM.

    This book introduces the new Global Secure Toolkit (GSKit) APIs that provide better functions and more flexibility when writing SSL Sockets applications. You’ll find sample code written in ILE RPG to introduce these new APIs.

    This is the first publication to provide complete information about the supported encryption and authentication algorithms and key lengths. It shows how to control your Web server to accept certain ciphers for a secure connection using the new SSL directives.

    Table of Contents

    Chapter 1. Introduction

    Chapter 2. Digital Certificate Manager

    Chapter 3. Object Signing

    Chapter 4. Using hardware cryptography support for SSL/TLS

    Chapter 5. Securing OS/400 application traffic with SSL/TLS

    Chapter 6. Using SSL in ILE RPG sockets applications

    Chapter 7. Ciphers and cryptographic product considerations

    Appendix A. 4758 cryptographic coprocessor hardware commands

    Appendix B. Granting access to the *SYSTEM certificate store

    Appendix C. Enabling SSL for the ADMIN server instance

    Appendix D. Creating a local Certificate Authority

    Appendix E. Certificate import/export interoperability tests

    Appendix F. Publishing a CRL to an OS/400 LDAP server

    Appendix G. Using the additional material

     

    Others who read this also read