Defining a local Certificate Authority certificate
If you are using RACF® as your CA, you must create a certificate authority certificate, if you have not already done so. The command shown here creates a certificate authority (or signer) certificate. This example creates a certificate called AMSCA to be used when creating subsequent certificates that reflect the identity of Advanced Message Security users and applications.
This command may be modified, specifically SUBJECTSDN
, to reflect the naming
structure and conventions used at your installation:
RACDCERT CERTAUTH GENCERT SUBJECTSDN(CN('AMSCA') O('ibm') C('us'))
KEYUSAGE(CERTSIGN) WITHLABEL('AMSCA')
Note: Certificates signed with this local certificate authority certificate show an issuer of
CN=AMSCA,O=ibm,C=us when listed with the RACDCERT LIST command.