AS/400 Toolbox for Java \
Security classes \ Secure Sockets
Layer \ SSL requirements
SSL requirements
SSL prerequisites
Before you can use SSL with AS/400 Toolbox for Java, you must
follow the steps outlined below:
- Install the Cryptographic Access Provider licensed program for
AS/400 (5769-AC1, 5769-AC2, or 5769-AC3) on your AS/400
- Install the AS/400 Client Encryption licensed program
(5769-CE1, 5769-CE2, or 5769-CE3) on your AS/400
- You should control authorization of the users to the files. To
help you to meet the SSL legal
responsibilities, you must change the authority of the
directory that contains the SSL files to control user access to the
files. In order to change the authority, you must follow the steps
below:
- Enter the command: wrklnk
'/QIBM/ProdData/HTTP/Public/jt400/*'
- Select option 9 in the directory (SSL40, SSL56, or SSL128)
- Ensure *PUBLIC has *EXCLUDE authority.
- Give users who need access to the SSL files *RX authority to
the directory. You can authorize individual users or groups of
users.
Note: Users with *ALLOBJ special
authority cannot be denied access to the SSL files. |
- Get and configure the server certificate. To do this, you need
to do the following:
- Install the following products:
- Get a server certificate:
- Apply the certificate to the following AS/400 servers that are
used by AS/400 Toolbox for Java:
- QIBM_OS400_QZBS_SVR_CENTRAL
- QIBM_OS400_QZBS_SVR_DATABASE
- QIBM_OS400_QZBS_SVR_DTAQ
- QIBM_OS400_QZBS_SVR_NETPRT
- QIBM_OS400_QZBS_SVR_RMTCMD
- QIBM_OS400_QZBS_SVR_SIGNON
- QIBM_OS400_QZBS_SVR_FILE
- QIBM_OS400_QRW_SVR_DDM_DRDA
SSL requirements
After you are sure that your AS/400 meets the requirements for
SSL, follow the steps outlined below to use SSL on your
workstations.
- Copy the proper SSL encryption
algorithms: either sslightu.zip or sslightx.zip
- Update the CLASSPATH
- Download your certificate if you have
built your own
- Use the AS/400 Secure Class within your
application