Digital Certificates

By using SSL, TIBCO MFT Platform Server for z/OS uses digital certificates to confirm the identity of the owners of the digital certificates, and uses a received digital certificate to identify the communication partners.

A digital certificate usually consists of the following three components which are all used by TIBCO MFT Platform Server for z/OS:

Certificate
Public key
Private key
Private key password

Certificate

This component is used by remote users to perform authentication. A certificate includes a public key for a receiver to decrypt data that is encrypted with a private key from the sender. Typically, a certificate includes the following contents:

Certificate version number
Certificate serial number
Information of the certificate authority that issues the certificate
Public key and encryption algorithm
Time in which the certificate is valid
Information about the user, including:
- Common Name (CN)
- Locality (L)
- State (ST)
- Country (C)
- Organization Unit (OU)
- Organization (O)

Note: The Platform Server is not a certificate manager. You cannot use the Platform Server to create certificates or to manage certificates. The certificates are produced by the Certificate Authority (CA). The contents of a certificate are governed by the X.509 certificate specification.

Public Key

The partner's public key is used to encrypt data. Data encrypted with a public key can only be decrypted by the private key associated with the public key.

Private Key

You can use this component to decrypt data that is encrypted by a remote user by using your public key.

Private Key Password

This component protects your private key from being copied and used by other people.