Use the
KEYRING statement to define the key ring that contains the certificate
to be used during the TLS handshake.
- Server
- Specifies the key ring database on the server's system.
- Client
- Specifies the key ring database on the client's system.
Syntax
>>-+---------------------------------+-------------------------><
'-KEYRING--+-keyringname--------+-'
'-userid/keyringname-'
Parameters
- userid/keyringname
- Allows multiple FTP users to share one key ring owned by another
user. The keyringname value is the SAF key ring created by using the RACF® ADDRING function.
Restrictions: - The userid value must be the user that actually owns the key ring.
- All users must have READ and UPDATE access to the IRR.DIGTCERT.LISTRING
resource in the FACILITY class when using an SAF key ring owned by
another user.
Examples
KEYRING /u/user33/keyring/key.kdb
KEYRING user33/ftpring
KEYRING ftpring
Guideline: If
the userid is omitted, the current user
ID is used.
Usage notes
- KEYRING is required if TLS is used as a security mechanism.
- The EXTENSIONS AUTH_TLS statement must be coded for this statement
to be used by the FTP server.
- The SECURE_MECHANISM TLS statement must be coded for this statement
to be used by an FTP client.