Creating a valid signer certificate by using the Certificate Management tool

You can use the Certificate Management tool to create a valid signer certificate.

Before you begin

To use Host Connection Emulator with custom CA certificates, you must first do one of the following actions:
Note: Administrator privileges are required for creating root certificates.

Procedure

To create a valid signer certificate by importing the server CA certificate into a key database file by using the IBM Key Management tool, complete the following steps:

  1. Start the IBM Key Management tool.
    1. Open the installationPath/jdk/jre/bin directory, where installationPath is the location where the product is installed, such as C:\Program Files\IBM\SDP\jdk\jre\bin.
    2. Double-click the ikeyman program. The IBM Key Management window opens.
  2. Click Key Database File > New.
  3. From the Key database type list, select PKCS12.
  4. In the File Name field, specify a file name with the extension .p12. For example: mykey.p12
  5. In the Location field, specify the location where you want to store the database file.
    Note: Make note of where you store this file, and provide this file name and location to Host Connection Emulator.
  6. In the Password prompt window, enter the password that you want to use. Type the password again in the Confirm password field.
  7. From the drop-down list in the Key database content area, select Signer Certificates.
  8. To add the server certificate, click Add. The Open window opens.
  9. To open the location of the server CA certificate, click Browse and locate the certificate file.
  10. Select the certificate file to add and click Open.
  11. Click OK. The CA certificate is added to the key database file.
  12. Close the IBM Key Management window.
    Note: You can use any name with a .p12 extension for the key database file. The key database file that is created in the previous instructions is referred to as the CustomizedCAs.p12 file in the following instructions.

What to do next

To use the CustomizedCAs.p12 file in the Host Connection Emulator:

  1. Open the Host Connection Emulator.
  2. Click the Host Properties tab.
  3. Ensure that the SSL Enabled check box is selected.
  4. Ensure that you select the security protocol for the session.
  5. Click Browse next to the CA Certificate File field and point to the CustomizedCAs.p12 file.
  6. In the Personal certificate password field, enter the password for the CustomizedCAs.p12 file.
  7. From the main menu bar, select File > Save to save the Host Connection Emulator properties
  8. Close the Host Connection Emulator and open it again. The emulator session restarts with the new properties.

Feedback