Previous topic |
Next topic |
Contents |
Contact z/OS |
Library |
PDF
Create a self-signed certificate z/OS Cryptographic Services System SSL Programming SC14-7495-00 |
|
This option creates a self-signed certificate using either RSA,
DSA, or ECC encryption for the public and private keys, and a certificate
signature that is based on a SHA digest algorithm. The SHA digest
algorithm that is used depends on the key algorithm that is chosen
for the certificate:
Possible signature algorithms are:
The number of days until the certificate expires must be between 1 and 9999. The subject name and one or more subject alternate names can be
specified for the new certificate. The subject name is always an X.500
directory name while a subject alternate name can be an X.500 directory
name, a domain name, an email address, an IP address, or a uniform
resource identifier. An X.500 directory name consists of common name,
organization, and country attributes with optional organizational
unit, city/locality, and state/province attributes. A domain name
is one or more tokens separated by periods. An email address consists
of a user name and a domain name that is separated by '@'. An IP address
is an IPv4 address (nnn.nnn.nnn.nnn) or an IPv6 address (nnnn:nnnn:nnnn:nnnn:nnnn:nnnn:nnnn:nnnn).
A uniform resource identifier consists of a scheme name, a domain
name, and a scheme-specific portion (for example:
).Note: A self-signed end-entity certificate (server or client certificate)
is not suggested for use in production environments and should only
be used to facilitate test environments before production. Self-signed
certificates do not imply any level of security or authenticity of
the certificate because, as their name implies, they are signed by
the same key that is contained in the certificate. However, certificates
that are signed by a certificate authority indicate that, at least
at the time of signature, the certificate authority approved the information
that is contained in the certificate.
|
Copyright IBM Corporation 1990, 2014
|