Use the Client Certificates preference page to specify
the Java Cryptographic Service
Provider (Java CSP) and the
keystore type used by the Java CSP
for retrieving the certificates stored in the Microsoft Cryptography API (MS-CAPI) key
store.
Client certificate authentication enables you to authenticate
with remote systems using a security device such as an integrated
circuit card (like Smart Card). Rational® Developer
for System z® relies on
the Java CSP for the retrieval
of the certificates. The certificates are used solely for the purpose
of client certificate authentication. All updates to the certificates
are outside the scope of Rational Developer
for System z. To set up
client certificates on your workstation, specify values for the following
fields:
- Java Cryptography Extension
(JCE) Provider
- Specify the name of the security provider as provided by the vendor
that supplies the cryptography software used to access the certificates.
- Keystore Type
- Specify the name of the keystore given by the security provider.
- hostIdMappings Object Identifier
- Specify the hostIdMappings OID. The value specified in the preferences
page must not be changed from its default value of 1.3.18.0.2.18.1
unless instructed otherwise by the systems administrator. The hostIdMappings
extension (Object Identifier 1 3 18 0 2 18 1) is an IBM® extension also available for public use.
The security software on the remote system (such as RACF®) automatically maps a valid certificate
to the RACF user ID provided
in the extension. Changing this value may cause the certificate authentication
to fail.