Adding server certificates to a key repository on IBM i

Follow this procedure to add a requested certificate to the key repository.


After the CA sends you a new server certificate, you add it to the certificate store from which you generated the request. If the CA sends the certificate as part of an email message, copy the certificate into a separate file.

Note:

  • You do not need to perform this procedure if the server certificate is signed by your local CA.
  • Before you import a server certificate in PKCS #12 format into DCM, we must first import the corresponding CA certificate.

Use the following procedure to receive a server certificate into the queue manager certificate store:


Procedure

  1. Access the DCM interface, as described in Accessing DCM.
  2. In the Manage Certificates task category in the navigation panel, click Import Certificate. The Import Certificate page displays in the task frame.
  3. Select the radio button for the certificate type and click Continue. Either the Import Server or Client Certificate page or the Import Certificate Authority (CA) Certificate page displays in the task frame.
  4. In the Import File field, type the file name of the certificate we want to import and click Continue. DCM automatically determines the format of the file.
  5. If the certificate is a Server or client certificate, type the password in the task frame and click Continue. DCM informs you that the certificate has been imported.

Parent topic: Work with SSL/TLS on IBM i