TKE setup and customization
To use the Trusted Key Entry key management system, several complex
tasks must be completed.
Task | Responsible | Where | Completed |
---|---|---|---|
1. Configure the host crypto modules | Client Operations or System Programmer | Support Element | |
2. Load host crypto module configuration data, ensure LIC code has been loaded | Client Operations or System Programmer | Support Element | |
3. If operating in LPAR mode, configure the processor | Client Operations or System Programmer | Support Element | |
4. Permit each host crypto module for TKE commands | Client Operations or System Programmer | Support Element | |
5. Update TCP/IP profiles for TKE | Client Network or Communications Server personnel and ICSF Administrator | Host z/OS System | |
6. Customize TKE Host Program started procs (delivered with ICSF) | Client Network or Communications Server personnel and ICSF Administrator | Host z/OS System | |
7. Ensure RACF® administration is complete. | Client Security Administrator | Host z/OS System | |
8. Start ICSF | Client Operations or System Programmer | Host z/OS System Console | |
9. Customize the TKE workstation crypto adapter | TKE Administrator | TKE workstation | |
10. TKE Application Customization | TKE Administrator | TKE workstation |
For more information on tasks 1 and 2, see Z Service Guide for TKE Workstations.
For more information on tasks 3 and 4, see:
- Z Service Guide for TKE Workstations.
- PR/SM Planning Guide.
- TKE enablement.
- LPAR considerations.