SSL keystore name (SSLKeyStoreName)
This optional property applies to TCP/IP connections only, and only when the SSLEnabled property is set to true. The value contains the name, including the full file path, of the keystore.
Private keys and their associated public key certificates are stored in password-protected databases called keystores. For convenience, trusted certificates can also be stored in the keystore. The SSLKeyStoreName property can either be empty or could point to the keystore file. If the SSLKeyStoreName or the SSKeyStorePassword property is empty, an informational message is generated in the server log.
For non-z/OS platforms, specify the fully-qualified path name of your
JKS keystore file. An example of a fully-qualified path name of your JKS keystore file is
c:\keystore\MyKeystore.ks.
For z/OS®, the SSLKeyStoreName property can be used to specify either a JKS keystore or a RACF® keyring. For a JKS keystore, specify the name with the full path of the JKS keystore file. For a RACF keyring, specify the string that provides the information needed to access the RACF keyring. An example of a RACF keyring is keystore_type;keyring_name;racfid.
- keystore_type must be one of the following values:
- JCERACFKS if software encryption is used for SSL.
- JCE4758RACFKS if hardware encryption is used.
- keyring_name is the name of the RACF keyring that you are using as your keystore.
- racfid is a RACF ID that is authorized to access the specified keyring.
JCERACFKS;myKeyring;kruser01JCE4758RACFKS;myKeyring;kruser01
On z/OS, if the SSLKeyStoreName matches the RACF keyring format, the IMS TM resource adapter uses the specified RACF keyring as its keystore. If the specified keystore type is anything other than JCERACFKS or JCE4758RACFKS, the IMS TM resource adapter attempts to interpret the SSLKeyStoreName that is specified as the name of a JKS keystore file.
The JKS file can have a file extension other than KS.