Previous topic |
Next topic |
Contents |
Contact z/OS |
Library |
PDF
z/OS Security Server (RACF) support Integrated Security Services Open Cryptographic Enhanced Plug-ins Application Programming SC14-7568-00 |
|
In addition to supporting profiles for digital certificates, the
RACF database supports the following classes of certificates (in the
OCSF Framework, this is known as "semantic information"). Users
who have the proper authority can issue a series of RACDCERT commands
to create the certificate and key pairs and populate the RACF database
with this information:
In addition, RACF supports the concept of "user-defined key rings" (in
the OCSF Framework, these are known as "data stores"). A key
ring is stored under the owning user ID and may contain any of the
preceding types of certificates. Entries in a key ring point to certificate
records and contain additional attributes, such as:
For more information about RACF's support of digital certificates, see the z/OS Security Server RACF Security Administrator's Guide. For information about the RACDCERT command, see z/OS Security Server RACF Command Language Reference. For more information about ICSF key tokens, see z/OS Cryptographic Services ICSF Application Programmer's Guide and the z/OS Cryptographic Services ICSF System Programmer's Guide. |
Copyright IBM Corporation 1990, 2014
|