Certification

An SSL certificate is a small data file that digitally binds a cryptographic key to to an organization's details and is used to authenticate a connection between a client and server.

The following procedures describe how to configure Control-M MFT for server and client configuration

• Configuring Control-M MFT for server authentication
• Configuring Control-M MFT for client authentication
• Configuring Control-M MFT for an alternative CA

If you want to authenticate the identity of the server and the server to authenticate the client, you must complete both procedures.

Control-M MFT uses a Java Keytool as key and certificate management utility. It allows you to manage your own public/private key pairs and certificates. Java Keytool stores the keys and certificates in a keystore and protects the private keys and keystore with the same password.

The Java Keytool utility path is <Agent home directory>/cm/AFT/JRE/bin/keytool. Each certificate in a Java keystore is associated with a unique alias.

NOTE: All paths described in the following procedures are written for UNIX users. Users of Microsoft Windows must ensure that when following these commands, all occurrences of a foreslash ("/") are changed to a backslash ("\").

NOTE:You must not use the sslcmd utility provided with Control-M/Agent. The utility and kdb format are no longer supported by Control-M MFT.