Description

The PROXY_CERTIFICATES option specifies whether or not UDM will use the managers certificate in a three-party transfer session if a certificate is supplied to the UDM Manager.

Proxy certificates are used only for three-party transfer sessions. All components, manager, primary and secondary, must be version 3.2 or later and must be using OpenSSL (System SSL does not support proxy certificates).

If PROXY_CERTIFICATES is set to yes, the UDM Manager's certificate is used to create a proxy certificate for the primary to use when connecting to the secondary. The proxy certificate has the same subject name as the managers certificate, so the certificate ACL for the secondary can be set up to look just like the primary's ACL.

Note

For more information on X509 proxy certificates, see the RFC at:

http://www.globus.org/alliance/publications/papers/pki04-welch-proxy-cert-final.pdf

Usage

Method	Syntax	IBM i	UNIX	Windows	z/OS
Command Line, Short Form	n/a
Command Line, Long Form	-proxy_certificates option
Environment Variable	UDMPROXYCERTIFICATES=option
Configuration File Keyword	proxy_certificates option
STRUDM Parameter	PROXYCERT (option)

Values

option is the specification for whether or not UDM will use proxy certificates.

Valid values for option are:

yes
UDM will use proxy certificates.
no
UDM will not use proxy certificates.

Default is no.

Browser not supported