XCOM certificate implementation on AS/400
search cancel

XCOM certificate implementation on AS/400

book

Article ID: 110035

calendar_today

Updated On:

Products

XCOM Data Transport XCOM Data Transport - Windows XCOM Data Transport - Linux PC XCOM Data Transport - z/OS

Issue/Introduction

How to implement OpenSSL certificates on iSeries(AS/400)

Environment

XCOM r11.0

Resolution

Do not edit the ssl configuration files- cassl.conf, clientssl.conf or serverssl.conf. 

  1. In the CL command line, enter CALL QP2TERM. You are now in the PASE shell.
  2. Change directory to  /QOpenSys/CAProduct/ConfigFile/CAXCOM/ssl. You are now in the location to run the utility for creating certificates. 
  3. Run makeca followed by makeclient and makeserver.
  4. This will create a CERTS and PRIVATE subdirectory under the SSL directory.
  5. The scripts produce the following files: 
    1. makeca: random.pem, certs/cassl.pem and private/casslkey.pem
       
    2. makeclient: certs/clientcert.pem and private/clientkey.pem
       
    3. makeserver: certs/servercert.pem and private/serverkey.pem
       6. To list the certificate just created, issue the following commands to use scripts:  ./listca or ./listclient or ./listserver

Note: Please know that the certificates generated via the supplied scripts are intended for testing the product with OpenSSL. You need to contact your Security Administrator for details on how your site implements SSL.

Additional Information

Here is the link for the XCOM Admin guide:

​https://docops.ca.com/ca-xcom-data-transport-for-as/400/11-0-02/en/administrating/generating-tls-ssl-certificates
Powered by Wolken Software