Creating an application definition

 

Review this topic to learn how about the two different types of applications that you can define and work with.

There are two types of application definitions that you can work with in DCM: application definitions for server or client applications that use SSL and application definitions that you use for signing objects.

To use DCM to work with SSL application definitions and their certificates, the application must first be registered with DCM as an application definition so that it has a unique application ID. Application developers register SSL-enabled applications by using an API (QSYRGAP, QsyRegisterAppForCertUse) to create the application ID in DCM automatically. All IBM® System i™ SSL-enabled applications are registered with DCM so that you can easily use DCM to assign a certificate to them so that they can establish an SSL session. Also, for applications that you write or purchase, you can define an application definition and create the application ID for it within DCM itself. You must be working in the *SYSTEM certificate store to create an SSL application definition for either a client application or a server application.

To use a certificate to sign objects, you first must define an application for the certificate to use. Unlike an SSL application definition, an object signing application does not describe an actual application. Instead, the application definition that you create might describe the type or group of objects that you intend to sign. You must be working in the *OBJECTSIGNING certificate store to create an object signing application definition.

To create an application definition, follow these steps:

  1. Start DCM. Refer to Starting DCM.

  2. Click Select a Certificate Store and select the appropriate certificate store. (This is either the *SYSTEM certificate store or the *OBJECTSIGNING certificate store depending on the type of application definition that you are creating.)

    If you have questions about how to complete a specific form in this guided task, select the question mark (?) at the top of the page to access the online help.

  3. When the Certificate Store and Password page displays, provide the password that you specified for the certificate store when you created it and click Continue.

  4. In the navigation frame, select Manage Applications to display a list of tasks.

  5. Select Add application from the task list to display a form for defining the application.

    If you are working in the *SYSTEM certificate store, DCM will prompt you to choose whether to add a server application definition or a client application definition.

  6. Complete the form and click Add. The information that you can specify for the application definition varies based on the type of application that you are defining. If you are defining a server application, you can also specify whether the application can use certificates for client authentication and must require client authentication. You can also specify that the application must use a CA trust list to authenticate certificates.

 

Parent topic:

Managing applications in DCM

Related concepts
Application definitions