Digital Certificates

By using TLS, TIBCO MFT Platform Server for IBM i uses digital certificates to confirm the identity of the owners of the digital certificates, and it uses a received digital certificate to identify the communication partners.

A digital certificate usually consists of the following three components which are all used by TIBCO MFT Platform Server for IBM i:
  • Public Key: The partner's public key is used to encrypt data. Data encrypted with a public key can only be decrypted by the private key associated with the public key.
  • Private Key: You can use this component to decrypt data that is encrypted by a remote user using your public key.
  • Private Key Password: This component protects your private key from being copied and used by other people.
A certificate includes a public key. The public key is used by the sender to encrypt data. Only the receiver with the corresponding private key can decrypt the data. Typically, a certificate includes the following contents:
  • Certificate version number
  • Certificate serial number
  • Information of the certificate authority that issues the certificate
  • Public key and encryption algorithm
  • Time in which the certificate is valid
  • Information about the certificate distinguished name, including:
    • Common Name (CN)
    • Locality (L)
    • State (ST)
    • Country (C)
    • Organization Unit (OU)
    • Organization (O)

The platform server is not a certificate manager. You cannot use the platform server to create certificates or to manage certificates. The certificates are produced by certificate authority (CA). The contents of a certificate are governed by the X.509 certificate specification.