(Optional) Query a Certificate Revocation List (CRL)
If desired, you can instruct RSE daemon to check one or more Certificate
Revocation List(s) (CRL) to add extra security to the validation process.
This is done by adding CRL-related environment variables to
rse.env. - GSK_CRL_SECURITY_LEVEL
- GSK_LDAP_SERVER
- GSK_LDAP_PORT
- GSK_LDAP_USER
- GSK_LDAP_PASSWORD
Refer to the Cryptographic Services System Secure Sockets Layer Programming (SC24-5901) for more information on these and other environment variables used by z/OS® System SSL.
Note: Be careful when specifying other z/OS System SSL environment variables (
GSK_*)
in rse.env, as they might change the way RSE daemon
handles encrypted connections and certificate authentication.