Skip to Main Content
IBM Sterling

This portal is to open public enhancement requests for IBM Sterling products and services. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (

Shape the future of IBM!

We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:

Search existing ideas

Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updates on them if they matter to you. If you can't find what you are looking for,

Post your ideas
  1. Post an idea.

  2. Get feedback from the IBM team and other customers to refine your idea.

  3. Follow the idea through the IBM Ideas process.

Specific links you will want to bookmark for future use

Welcome to the IBM Ideas Portal ( - Use this site to find out additional information and details about the IBM Ideas process and statuses.

IBM Unified Ideas Portal ( - Use this site to view all of your ideas, create new ideas for any IBM product, or search for ideas across all of IBM. - Use this email to suggest enhancements to the Ideas process or request help from IBM for submitting your Ideas.

Status Not under consideration
Categories Security
Created by Guest
Created on Sep 18, 2018

certificate-based authentication support for CDAIJ and CDW

Many customers from banks need to change their OS users' password every 1 or 3 months for all OS according to their security regulation which means all applications or middleware using the old password must change at the same time.  For customers, this will be a huge workload. That's why customers would like to use certificate-based authentication instead to communicate with CD while using CDAIJ.  But unfornately our customers who have Windows operation system can't use this kind of way to sumit process to CDW which lead to a unconsistent way to communicate with CD.

All customers want to implement is to have a consistent, secure, password-independent way to communicate with CD.

What is your industry? Banking
How will this idea be used?

The client will integrate their own application with CDAIJ and use certificate-based authentication to communicate with CDU and CDW, such as select statistics, sumit process, etc.

  • Admin
    Nov 28, 2022

    Thank you for your patience. After carefully reviewing your enhancement requets, we understand that your AIJ application uses certificate-based authentication to perform configuration and monitoring of CDW and the application cannot submit processes when certificate-based authentication is used. (The Windows OS requires a password to perform user impersonation.)

    Our recommended solution to this kind of problem is leveraging Password exit support. Another solution would be to configure no impersonation (Allow Process to run using Service Account)

    With this recommendation we are closing this enhancement request. Please let us know if you see any concerns or have any questions.

    Thank You

    Product Management

  • Admin
    Chris Sanders
    Oct 5, 2018

    Thank you for opening this enhancement request with IBM.  I have reviewed it with my team and we believe that it would be beneficial for Connect:Direct to expand certificate authentication capabilities.  I have accepted this request as an uncommitted candidate and will work to move it to the roadmap moving into the future.


    Chris Sanders

    Connect:Direct Offering Manager