Digital Certificates

By using SSL, TIBCO MFT Platform Server for z/OS uses digital certificates to confirm the identity of the owners of the digital certificates, and uses a received digital certificate to identify the communication partners.

A digital certificate usually consists of the following three components which are all used by TIBCO MFT Platform Server for z/OS:
  • Certificate
  • Public key
  • Private key
  • Private key password

Certificate

This component is used by remote users to perform authentication. A certificate includes a public key for a receiver to decrypt data that is encrypted with a private key from the sender. Typically, a certificate includes the following contents:
  • Certificate version number
  • Certificate serial number
  • Information of the certificate authority that issues the certificate
  • Public key and encryption algorithm
  • Time in which the certificate is valid

  • Information about the user, including:

    • Common Name (CN)
    • Locality (L)
    • State (ST)
    • Country (C)
    • Organization Unit (OU)
    • Organization (O)
Note: The platform server is not a certificate manager. You can not use the platform server to create certificates or to manage certificates. The certificates are produced by certificate authority (CA). The contents of a certificate are governed by the X.509 certificate specification.

Public Key

The partner's public key is used to encrypt data. Data encrypted with a public key can only be decrypted by the private key associated with the public key.

You can use this component to decrypt data that is encrypted by a remote user by using your public key.

Private Key Password

This component protects your private key from being copied and used by other people.