IBM Client (Linux)

  1. On the certificate holistic view, click Add Connector.
  2. Enter the General Information for the connector.
    Table 1. Field descriptions for the connector General Information
    Field Description
    *Category From the dropdown list, select Server.

    If the certificate being pushed was enrolled with CSR generation at endpoint, this field is auto populated with the category selected at the time of certificate enrollment.
    *Vendor From the dropdown list, select IBMClient.

    If the certificate being pushed was enrolled with CSR generation at endpoint, this field is auto populated with the vendor selected at the time of certificate enrollment.
    *Connector Name Enter a name for this connector, to be able to identify it later.
    Tip: AppViewX recommends naming connectors according to use cases so they are easily distinguishable.
    Description Enter any additional details you want to record for this connector.
    Based on the information entered here, the SSL templates section is populated with the list of available IBM Client (Linux) devices already onboarded in AppViewX.
  3. To select the device(s) to which the certificate will be pushed, under SSL templates, from the list of Available Devices, click .
    You can use the Available Devices dropdown list to filter devices based on functionality.
    The Selected devices list is updated automatically.
  4. Enter the Certificate Details.
    Table 2. Field descriptions for the Certificate Details
    Field Description
    *Certificate Type From the dropdown list, select the file type of the certificate to be pushed.
    *KDB File Name Enter the name of the KDB certificate file that will be pushed to the IBMClient server.
    *KDB password Enter the password required to access the KDB certificate file.
    Server Certificate Label This field is disabled when the Private key in device checkbox is selected.

    Enter the label for the server certificate.
    Push Root and Intermediate Certificates To push the root and intermediate certificates, along with the end certificates, select this checkbox.

    For the IBM Client server, this feature is enabled by default and the field is non-editable.

    Intermediate Certificate Label If an intermediate certificate is available in the KDB file, the system will retain the existing label. The given label name will not be used.
    Root Certificate Label If a root certificate is available in the KDB file, the system will retain the existing label. The given label name will not be used.
    Private key in device If the private key associated with the certificate being pushed has been stored on a hardware device, select this checkbox.
  5. Enter the Push Details.
    Table 3. Field descriptions for the Push Details
    Field Description
    *Script Location Script files are commonly used to perform certain tasks required to be completed before and/or after a certificate is pushed to the target system.

    The script to be run before the certificate is pushed is called a pre-push script and the script to be run after the push is called a post-push script.

    From the following options, select the location of the script file(s):

    • In AppViewX
    • In Device
    Pre - Push Script File Name Enter the file name of the pre-push script.
    Important: Read the pre and push script usage instructions here.
    Pre - Push Script File Path This field is displayed when Script Location = In Device.
    Enter the location on your local system where the pre-push script file is stored.
    Important: Read the pre and push script usage instructions here.
    Post - Push Script File Name Enter the file name of the post push script.
    Important: Read the pre and push script usage instructions here.
    Post - Push Script File Path This field is displayed when Script Location = In Device.
    Enter the location on your local system where the post-push script file is stored.
    Important: Read the pre and push script usage instructions here.
    Push Automatically To automatically push the certificate after it is renewed/reissued to the target system, enable this checkbox.
    Note: The auto push feature for a certificate works only if enabled for the certificate application connector as well the associated certificate group. To enable this feature at the certificate group level, refer the instructions here.
  6. Click Save.
    The connector is displayed on the certificate holistic view.