TKE setup and customization
To use the Trusted Key Entry key management system, several complex
tasks must be completed.
| Task | Responsible | Where | Completed |
|---|---|---|---|
| 1. Configure the host crypto modules | Client Operations or System Programmer | Support Element | |
| 2. Load host crypto module configuration data, ensure LIC code has been loaded | Client Operations or System Programmer | Support Element | |
| 3. If operating in LPAR mode, configure the processor | Client Operations or System Programmer | Support Element | |
| 4. Permit each host crypto module for TKE commands | Client Operations or System Programmer | Support Element | |
| 5. Update TCP/IP profiles for TKE | Client Network or Communications Server personnel and ICSF Administrator | Host z/OS System | |
| 6. Customize TKE Host Program started procs (delivered with ICSF) | Client Network or Communications Server personnel and ICSF Administrator | Host z/OS System | |
| 7. Ensure RACF® administration is complete. | Client Security Administrator | Host z/OS System | |
| 8. Start ICSF | Client Operations or System Programmer | Host z/OS System Console | |
| 9. Customize the TKE workstation crypto adapter | TKE Administrator | TKE workstation | |
| 10. TKE Application Customization | TKE Administrator | TKE workstation |
For more information on tasks 1 and 2, see Z Service Guide for TKE Workstations.
For more information on tasks 3 and 4, see:
- Z Service Guide for TKE Workstations.
- PR/SM Planning Guide.
- TKE enablement.
- LPAR considerations.