Introduction

This document is a checklist to run through when setting up DCM (Digital Certificate Manager) for the following: -

  • iSeries Email without using MSF or SMTP
  • iSeries Email that is connecting to a server running Office365 or GMAIL
  • 2-way email where responses/commands are issued from mail back to the iSeries

Pre-requisites

Ensure the Digital Certificate Manager service is started by checking that the QHTTPSVR subsystem is active and a specific set of ADMIN* jobs are running based on the operating system version that you have installed. If QHTTPSVR is not running, run command: 

STRTCPSVR SERVER(*HTTP) HTTPSVR(*ADMIN)

Setup

When the DCM service is running and the QHTTPSVRADMIN*jobs are active, use a web browser to access the DCM management portal and check that the *SYSTEM certificate store exists. Use the following URL to access the DCM portal (where iseries-system-name is the name of your iSeries):- 

https://iseries-system-name:2001/QIBM/ICSS/Cert/Admin/qycucm1.ndm/main0

You will be presented with the following screen. Click on "Select a Certificate Store":- 

Digital Certificate Manager

The screen should now show the *SYSTEM Certificate Store.

Digital Certificate Manager

If the *SYSTEM store does not exist, you can create it using the following IBM link:

https://www-01.ibm.com/support/docview.wss?uid=nas8N1010356

Post Setup

Ensure that the files DEFAULT.KDB and DEFAULT.RDB exist in the directory: /QIBM/UserData/ICSS/Cert/Server

Work with Object Links

and that the Halcyon monitoring profile (QSYSOPR in our examples) has full authority to them.

CHGAUT OBJ('/QIBM/UserData/ICSS/Cert/Server') USER(QSYSOPR) DTAAUT(*RWX) OBJAUT(*ALL)

CHGAUT OBJ('/QIBM/UserData/ICSS/Cert/Server/DEFAULT.KDB') USER(QSYSOPR) DTAAUT(*RW) OBJAUT(*ALL)

CHGAUT OBJ('/QIBM/UserData/ICSS/Cert/Server/DEFAULT.RDB') USER(QSYSOPR) DTAAUT(*RW) OBJAUT(*ALL)


Still have questions? We can help. Submit a case to Technical Support.

Last Modified On: May 29, 2020