IBM AS 400 iSeries – SSL Installation

Like the majority of server systems you will install your SSL certificate on the same server where your Certificate Signing Request (CSR) was created. Your private key will always be left on the server system where the CSR was originally created. Your SSL certificate will not work without this private key file. We will assume that this is the original system.

To Install your SSL certificate on a IBM AS 400 iSeries system perform the following.

Step 1: Downloading your SSL Certificate & its Intermediate CA certificate:

  1. If you had the option of server type during enrollment and selected Other you will receive a x509/.cer/.crt/.pem version of your certificate within the email. Alternately you can access your Certificate User Portal by the supplied link in the email to pick up the x509 version of your certificate.
  2. Copy the SSL certificate and make sure to copy the —–BEGIN CERTIFICATE—– and —–END CERTIFICATE—– header and footer Ensure there are no white spaces, extra line breaks or additional characters.
  3. Use a plain text editor such as Notepad, paste the content of the certificate and save it with extension .txt
  4. If your intermediate CA certificate for your product is not in the body of the email you can access your Intermediate CA also in a link within that email. Copy and paste the contents of your Intermediate CA into its own Notepad file and save it with a .txt extension also.
    Note: Some CAs may require two intermediates for best compatibility. These two are to be copied within their own corresponding .txt files and installed one at a time in a repeated process for intermediate installation.

Step 2: Installing your Intermediate CA:

  1. Start Digital Certificate Manager (DCM).
  2. From navigation panel, click Select a Certificate Store > select *SYSTEM.
  3. Enter in password for Certificate Store > click Continue.IBM AS/400 iSeries
  4. From navigation panel, select Manage Certificates
  5. From the list, select Import Certificate > Certificate Authority (CA) > click Continue.IBM AS/400 iSeries
  6. On the next screen, specify the path and file name of your Intermediate CA .txt file, and click Continue.
    IBM AS/400 iSeries
  7. Specify a friendly name of your choice for your imported intermediate CA.
  8. Click Continue.
    IBM AS/400 iSeries
  9. A message stating the intermediate ca certificate has been imported. Click OK.IBM AS/400 iSeries 

    Your Intermediate CA certificate should now be installed.Note: If you receive a error stating “The issuer of this certificate could not be found” or “The issuer of the certificate may not be in the certificate store This is due to a missing Root certificate for your SSL/Intermediate that is required on the system.
    Note: Getting your Root CA will vary and you may have to consult your CA in order to get this. The SSL Support Desk features intermediates and roots from the following big CA’s Here. It must be in its own Notepad file and saved with a .txt extension. The repeat step 2 of these instructions to import your the root and then your intermediate.

Step 3: Installing the SSL Certificate:

  1. Start Digital Certificate Manager (DCM).
  2. From navigation panel, click Select a Certificate Store > select *SYSTEM.
  3. Enter in password for Certificate Store > click Continue.
  4. From navigation panel, select Manage Certificates.
  5. From the list, select Import Certificate > select Server or Client.IBM AS/400 iSeries
  6. On the next screen, specify the path and file name of your SSL Certificate .txt file, and click Continue.
    IBM AS/400 iSeries 

    Your SSL Certificate should now be installed on the IBM AS 400 iSeries system.

Step 4: Assigning your SSL certificate:

  1. In the navigation frame, select Manage Applications to display a list of tasks.
  2. From the task list, select Update certificate assignment to display a list of SSL-enabled applications for which you can assign a certificate.
  3. Select an application from the list and click Update Certificate Assignment.
  4. Select the certificate that you imported and click Assign New Certificate. DCM displays a message to confirm your certificate selection for the application.

If you are unable to use these instructions for your server, Acmetek recommends that you contact either the vendor of your software or the organization that supports it.

IBM Support

For more information refer to IBM.

Recent Posts

S/MIME for Outlook O365 Windows

Add to Favorites S/MIME Advantages of S/MIME Certificates S/MIME (Secure/Multipurpose Internet Mail Extensions) certificates offer several advantages when it comes to securing email communications. Here

Read More »

Abbreviations

Add to Favorites There are literally thousands of IT abbreviations out there. Many are concerned with the technical aspects of the computer, while others deal

Read More »

SSL Installation on Qmail

Add to Favorites SSL Installation on Qmail Qmail is a secure, reliable, efficient, simple message transfer agent. It is designed for typical Internet-connected UNIX hosts.

Read More »