Comments (4)
  • Add a Comment
  • Edit
  • More Actions v
  • Quarantine this Entry

1 MarcelBischofberger commented Permalink

Hi Joe,

 
Many thanks that you wrote this great article. Unfortunately our Client Certificates are stored on a Smartcard and are only accessible trough the Microsoft Cerftificate API MSCAPI.
Is there any chance that you will support this in the future in z/OS Explorer. Our Shop recstricts access to non secured FTP on mainframe. Trying to connect to FTPS results in :
IZE0106E Error 531 Server requires client certificate for login processing
 
I believe that RDZ supports this.
 
best regards, Marcel

2 Ben Cox commented Permalink

@Marcel: That's a good suggestion. Could you raise this as an RFE at https://ibm.biz/BdRS23 - thanks!

3 JoeWinchester commented Permalink

Hi Marcel, Currently we don't do much with client certificates in the z/OS Explorer. We had thought about using them as a way to bypass the user ID and password but your requirement is different, which is where I think you want us to be able to redirect the keystore to the smartcard ? It looks as though there is a Java API in javax.smartcardio package that allows secure access to smart cards, and it is possible that we could do something with this. This requirement is new to us however so I'd like to learn more though and see what kind of solution would work best. As Ben said, if possible could you raise an RFE please so we can discuss the requirement there, or if not then feel free to e-mail me directly on winchest@uk.ibm.com.
Many thanks, Joe

4 MarcelBischofberger commented Permalink

Hi,

 
I have opended RFE :
 
https://www.ibm.com/developerworks/rfe/execute?use_case=viewRfe&CR_ID=64191
 
thanks a lot for your feedback, Marcel