The client certificate is used to log in and authenticate a user with i2 Analyze. Use the
IBM Key Management utility to create a self-signed certificate.
Create a self-signed certificate to use as a client certificate to demonstrate a working
configuration. If you are using client certificates that are signed by a certificate authority, you
do not need to complete the following instructions.
-
Start the IBM Key Management utility.
Note: The IBM® Key Management utility uses a GUI or Window
Manager. If you do not have a GUI or Window Manager on your system, you can use the command line
interface to complete the same actions. For more information about the command line interface, see
Key Management utility command-line interface (gskcmd)
syntax.
-
Open the key database that is used for Secure Sockets Layer (SSL) connections. If you followed
the instructions to set up the SSL example, the key database file is
i2\i2analyze\i2-http-keystore.kdb.
-
Create a self-signed certificate.
-
Set the Key Label to a value that enables you to identify the
user.
For example, Jenny.
-
Ensure that the value of Common Name matches the name of a user in the
user registry for i2 Analyze.
If you are using the example user registry, set the value of
Common Name
to
Jenny.
Note: The user name cannot contain a comma (,).
For this example, you can use the default values for the remaining properties.
-
Export the certificate and private key from the key database.
-
Click Export/Import.
- Ensure that Export Key is selected.
-
From the Key file type list, select PKCS12.
-
Set the File name to a value that enables you to identify the
user.
For example, Jenny.p12.
-
Ensure that Location is set to the same directory as the key
database.
-
Click OK.
- When you are prompted, provide a password that is used to access the
keys.
-
Extract the certificate from the key database.
-
Click Extract Certificate.
-
From the Data type list, select Binary DER data.
-
Set the Certificate file name to a value that enables you to identify
the user.
For example, Jenny.der.
-
Ensure that Location is set to the same directory as the key
database.
-
Click OK.