User Certificate Registration for CICS Web Interface Servers and DCAS

Web servers created using the CICS Web Interface (CWI) feature of Enterprise Server can be configured to use the Secure Sockets Layer (SSL) for communications security. Along with enabling SSL, you can specify the CLIENTAUTH option to allow clients to send user certificates to the server, and one of the various AUTHENTICATE options to tell CWI how to handle user authentication. If you specify CLIENTAUTH and one of the CERTIFICATE, AUTOREGISTER or AUTOMATIC options, then your CWI server uses the Enterprise Server user certificate registration mechanism. This section explains user certificate registration and what you can do with it.

DCAS (Digital Certificate Access Server) listeners also use user certificate registration. DCAS and CWI can use the same collection of certificate registrations, or separate ones. The cascertreg utility is used to administer DCAS certificate registrations. See Multi-Factor Authentication and DCAS conversation type for more information.