Setting preferences for client certificate authentication

Use the Client Certificates preference page to specify the Java Cryptographic Service Provider (Java CSP) and the keystore type used by the Java CSP for retrieving the certificates stored in the Microsoft Cryptography API (MS-CAPI) key store.

About this task
Client certificate authentication enables you to authenticate with remote systems using a security device such as an integrated circuit card (like Smart Card). Rational Developer for System z relies on the Java CSP for the retrieval of the certificates. The certificates are used solely for the purpose of client certificate authentication. All updates to the certificates are outside the scope of Rational Developer for System z. To set up client certificates on your workstation, specify values for the following fields:
Java Cryptography Extension (JCE) Provider
Specify the name of the security provider as provided by the vendor that supplies the cryptography software used to access the certificates.
Keystore Type
Specify the name of the keystore given by the security provider.
hostIdMappings Object Identifier
Specify the hostIdMappings OID. The value specified in the preferences page must not be changed from its default value of 1.3.18.0.2.18.1 unless instructed otherwise by the systems administrator. The hostIdMappings extension (Object Identifier 1 3 18 0 2 18 1) is an IBM extension also available for public use. The security software on the remote system (such as RACF) automatically maps a valid certificate to the RACF user ID provided in the extension. Changing this value may cause the certificate authentication to fail.