Accessing CRLs and ARLs on i5/OS

 

Note that in this section, information about Certificate Revocation Lists (CRLs) also applies to Authority Revocation Lists (ARLs).

Use the following procedure to set up a CRL location for a specific certificate on i5/OS:

  1. Access the DCM interface, as described in Accessing DCM.

  2. In the Manage CRL locations task category in the navigation panel, click Add CRL location. The Manage CRL Locations page displays in the task frame.

  3. In the CRL Location Name field, type a CRL location name, for example LDAP Server #1

  4. In the LDAP Server field, type the LDAP server name.

  5. In the Use Secure Sockets Layer (SSL) field, select Yes if you want to connect to the LDAP server using SSL. Otherwise, select No.

  6. In the Port Number field, type a port number for the LDAP server, for example 389.

  7. If your LDAP server does not allow anonymous users to query the directory, type a login distinguished name for the server in the login distinguished name field.

  8. Click OK. DCM informs you that it has created the CRL location.

  9. In the navigation panel, click Select a Certificate Store. The Select a Certificate Store page displays in the task frame.

  10. Select the Other System Certificate Store check box and click Continue. The Certificate Store and Password page displays.

  11. In the Certificate store path and filename field, type the IFS path and filename you set when Creating a new certificate store.

  12. Type a password in the Certificate Store Password field. Click Continue. The Current Certificate Store page displays in the task frame.

  13. In the Manage Certificates task category in the navigation panel, click Update CRL location assignment. The CRL Location Assignment page displays in the task frame.

  14. Select the radio button for the CA certificate to which you want to assign the CRL location. Click Update CRL Location Assignment. The Update CRL Location Assignment page displays in the task frame.

  15. Select the radio button for the CRL location which you want to assign to the certificate. Click Update Assignment. DCM informs you that it has updated the assignment.

Note that DCM allows you to assign a different LDAP server by Certification Authority.

 

Parent topic:

Accessing CRLs and ARLs with a queue manager


sy12720_