Configuring SSL on the Telnet server

 

The most important factor to consider when enabling SSL on the Telnet server is the sensitivity of the information that is involved in client sessions. If the information is sensitive, or private, then securing the Telnet server with SSL is recommended.

To configure SSL on the Telnet server, follow these steps:

  1. Install the following software to support Telnet SSL and to manage digital certificates:

  2. Ensure that you have removed port restrictions and allowed SSL to start.

  3. Assign a certificate to the Telnet server.

  4. Enable client authentication for the Telnet server (optional step).

  5. Enable SSL on the Telnet server.

  6. Start the Telnet server.

  1. Removing port restrictions
    In releases before V5R1, port restrictions were used because Secure Sockets Layer (SSL) support was not available for Telnet. Now you can specify whether SSL, non-SSL, or both are to start. Therefore, there is no longer a need for port restrictions.
  2. Assigning a certificate to the Telnet server
    When you enable the Telnet server on your system to use Secure Sockets Layer (SSL), you can establish secure Telnet connections to your system from iSeries™ Access for Windows® or from any other SSL-enabled Telnet clients, such as a Personal Communications emulator.
  3. Enabling client authentication for the Telnet server
    The Telnet server supports the authentication of Telnet client certificates. This means that during the Secure Sockets Layer (SSL) handshake, not only can the server generate a server certificate for the client, but also can optionally check for a valid client certificate, depending on how Digital Certificate Manager (DCM) is configured.
  4. Enabling SSL on the Telnet server
    Follow these steps for understanding how to enable Secure Sockets Layer (SSL) on the Telnet server.

 

Parent topic:

Securing Telnet with SSL

Related concepts
SSL initialization and handshake

Related tasks
Troubleshooting your Telnet SSL server Checking system status