Security definitions

Customize and submit the FEKRACF sample member in the FEK.#CUST.JCL data set, which has sample RACF® and z/OS® UNIX commands to create the basic security definitions for z/OS Explorer.

Note: For those sites that use ACF2™ for z/OS or Top Secret® for z/OS, go to Broadcom Support Portal (https://support.broadcom.com/) and check for the related IBM Rational Developer for System z Knowledge Document. This Knowledge Document has details on the security commands that are necessary to properly configure IBM® Explorer for z/OS, as z/OS Explorer has the same requirements as Rational Developer for System z.

To complete the security setup, the security administrator must know the values listed in the following table. These values were defined during the previous steps of the installation and customization of IBM Explorer for z/OS.

Table 1. Security setup variables
Description	Default value	Where to find the answer
z/OS Explorer product high-level qualifier	`FEK`	SMP/E installation
z/OS Explorer customization high-level qualifier	`FEK.#CUST`	`FEK.SFEKSAMP(FEKSETUP)`, as described in Customization setup
JES Job Monitor started task name	`JMON`	`FEK.#CUST.PROCLIB(JMON)`, as described in PROCLIB changes
RSE daemon started task name	`RSED`	`FEK.#CUST.PROCLIB(RSED)`, as described in PROCLIB changes

After the security setup is completed, the cryptographic administrator must customize and submit the FEKPKCS1 sample member in the FEK.#CUST.JCL data set, which will create a PKCS#11 private key for usage by SAF JSON Web tokens (JWTs).

To complete the cryptographic setup, the cryptographic administrator must know the values that are listed in the following table. These values are defined during the security setup of z/OS Explorer.

Table 2. Cryptographic setup variables
Description	Default value	Where to find the answer
PKCS#11 token name	`JWTTOK.FEKAPPL`	Define SAF JSON Web Token (JWT) support for RSE