Previous topic |
Next topic |
Contents |
Contact z/OS |
Library |
PDF
What is a certificate authority? z/OS Cryptographic Services PKI Services Guide and Reference SA23-2286-00 |
|
The certificate authority, commonly called a CA, acts as a trusted third party to ensure that users who engage in e-business can trust each other. A certificate authority vouches for the identity of each party through the certificates it issues. In addition to proving the identity of the user, each certificate includes a public key that enables the user to verify and encrypt communications. The trustworthiness of the parties depends on the trust that is placed in the CA that issued the certificates. To ensure the integrity of a certificate, the CA digitally signs the certificate as part of creating it, using its signing private key. Trying to alter a certificate invalidates the signature and renders it unusable. Protecting the CA's signing private key is critical to the integrity of the CA. For this reason, you should consider using ICSF to securely store your PKI Services CA's private key. As a CA using PKI Services, you can do the following tasks:
|
Copyright IBM Corporation 1990, 2014
|