You can use the Certificate Management tool to create a
valid signer certificate.
Before you begin
To use Host Connection Emulator with custom CA certificates,
you must first do one of the following actions:
- Import the Telnet server CA certificate into a key database file
by using the IBM® Key Management
tool.
- Retrieve your personal certificate from the Microsoft Cryptography API (MS-CAPI) provider
keystore by selecting Use MS-CAPI Service Provider in Host
Securities settings on the Host Properties tab.
Note: Administrator privileges are required for creating root
certificates.
Procedure
To create a valid signer certificate by importing the
server CA certificate into a key database file by using the IBM Key Management tool, complete
the following steps:
- Start the IBM Key
Management tool.
- Open the installationPath/jdk/jre/bin directory,
where installationPath is the location where the
product is installed, such as C:\Program Files\IBM\SDP\jdk\jre\bin.
- Double-click the ikeyman program.
The IBM Key Management window opens.
- Click .
- From the Key database type list,
select PKCS12.
- In the File Name field, specify
a file name with the extension .p12. For
example: mykey.p12
- In the Location field, specify the
location where you want to store the database file.
Note: Make
note of where you store this file, and provide this file name and
location to Host Connection Emulator.
- In the Password prompt window, enter
the password that you want to use. Type the password again in the Confirm
password field.
- From the drop-down list in the Key database
content area, select Signer Certificates.
- To add the server certificate, click Add.
The Open window opens.
- To open the location of the server CA certificate, click Browse and
locate the certificate file.
- Select the certificate file to add and click Open.
- Click OK. The CA certificate is
added to the key database file.
- Close the IBM Key Management window.
Note: You can use any name with a .p12 extension
for the key database file. The key database file that is created in
the previous instructions is referred to as the CustomizedCAs.p12 file
in the following instructions.
What to do next
To use the CustomizedCAs.p12 file
in the Host Connection Emulator:
- Open the Host Connection Emulator.
- Click the Host Properties tab.
- Ensure that the SSL Enabled check box is
selected.
- Ensure that you select the security protocol for the session.
- Click Browse next to the CA
Certificate File field and point to the CustomizedCAs.p12 file.
- In the Personal certificate password field,
enter the password for the CustomizedCAs.p12 file.
- From the main menu bar, select to save the Host Connection
Emulator properties
- Close the Host Connection Emulator and open it again. The emulator
session restarts with the new properties.