Digital certificates

Digital certificates are digitally signed statements used for secured transactions over the internet. (Digital certificates can be used on AS/400 systems running on Version 4 Release 3 (V4R3) and later.) To make a secure connection using the secure sockets layer (SSL), a digital certificate is required. Digital certificates comprise the following:
As an administrator of a secured server, you can add a certification authority's "trusted root key" to the server. This means that your server will trust anyone who is certified through that particular certification authority. Digital certificates also offer encryption, ensuring a secure transfer of data through a private encryption key. You can create digital certificates through the javakey tool. (For more information about javakey and Java security, see the Sun Microsystems, Inc., Java Security page at http://java.sun.com/security/index.html.)

The AS/400 Digital Certificate classes provide methods to manage X.509 ASN.1 encoded certificates. Classes are provided to do the following:
Using a certificate class causes the AS400 object to connect to the AS/400. See managing connections for information about managing connections. On the AS/400, certificates belong to a validation list or to a user profile.
These two classes extend AS400CertificateUtil, which is an abstract base class that defines methods common to both subclasses. The AS400Certificate class provides methods to read and write certificate data. Data is accessed as an array of bytes. The java.security package in JVM 1.2 provides classes that can be used to get and set individual fields of the certificate.

Listing certificates

To get a list of certificates, the Java program must do the following:
The following example lists certificates in a validation list. It lists only those certificates belonging to a certain person.
    import com.ibm.as400.access.*;

    // Create an AS400 object. The
    // certificates are on this system.
    AS400 sys = new AS400("mySystem.myCompany.com");

    // Create the certificate object.
    AS400CertificateVldlUtil certificateList =
        new AS400CertificateVldlUtil(sys, "/QSYS.LIB/MYLIB.LIB/CERTLIST.VLDL");

    // Create the certificate attribute
    // list. We only want certificates
    // for a single person so the list
    // consists of only one element.
    AS400CertificateAttribute[] attributeList = new AS400CertificateAttribute[1];
    attributeList[0] =
        new AS400CertificateAttribute(AS400CertificateAttribute.SUBJECT_COMMON_NAME, "Jane Doe");

    // Retrieve the list that matches
    // the criteria. User space "myspace"
    // in library "mylib" will be used
    // for storage of the certificates.
    // The user space must exist before
    // calling this API.
    int count = certificateList.listCertificates(attributeList,
        "/QSYS.LIB/MYLIB.LIB/MYSPACE.USRSPC");

    // Retrieve the certificates from
    // the user space.
    AS400Certificate[] certificates =
        certificateList.getCertificates("/QSYS.LIB/MYLIB.LIB/MYSPACE.USRSPC", 0, 8);

    // ... process the certificates
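One way to carry out the "process the certificates" step is to decode each certificate's byte array with the java.security classes and audit its fields. This is an added example, not code from the original page or from IBM. It assumes a current JDK (not JVM 1.2) and DER or PEM bytes such as those returned by AS400Certificate.getEncoded(); the class name CertAudit and the file argument are hypothetical.

```java
import java.io.ByteArrayInputStream;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.MessageDigest;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Date;

// Added example (hypothetical class name): audit one encoded X.509 certificate.
public class CertAudit {

    // Decode raw certificate bytes, e.g. the array from AS400Certificate.getEncoded().
    static X509Certificate decode(byte[] encoded) throws CertificateException {
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        return (X509Certificate) cf.generateCertificate(new ByteArrayInputStream(encoded));
    }

    // Classify the certificate's validity period against a reference time.
    static String validity(X509Certificate cert, Date when) {
        if (when.before(cert.getNotBefore())) return "NOT YET VALID";
        if (when.after(cert.getNotAfter())) return "EXPIRED";
        return "VALID";
    }

    // SHA-256 fingerprint of the DER encoding, for comparison with an inventory.
    static String fingerprint(X509Certificate cert) throws Exception {
        StringBuilder hex = new StringBuilder();
        for (byte b : MessageDigest.getInstance("SHA-256").digest(cert.getEncoded())) {
            hex.append(String.format("%02x", b));
        }
        return hex.toString();
    }

    // Usage: java CertAudit <certificate-file>   (file path is a placeholder)
    public static void main(String[] args) throws Exception {
        if (args.length != 1) {
            System.err.println("usage: java CertAudit <certificate-file>");
            return;
        }
        X509Certificate cert = decode(Files.readAllBytes(Paths.get(args[0])));
        System.out.println("Subject: " + cert.getSubjectX500Principal().getName());
        System.out.println("Issuer:  " + cert.getIssuerX500Principal().getName());
        System.out.println("Serial:  " + cert.getSerialNumber().toString(16));
        System.out.println("Expires: " + cert.getNotAfter());
        System.out.println("Status:  " + validity(cert, new Date()));
        System.out.println("SHA-256: " + fingerprint(cert));
    }
}
```

Running decode, validity and fingerprint over every element returned by getCertificates gives a quick report of expired or unexpected entries in a validation list.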