Previous topic |
Next topic |
Contents |
Contact z/OS |
Library |
PDF
Exporting RACF's certificate to the recipient key database z/OS Security Server RACF Security Administrator's Guide SA23-2289-00 |
|
If you have implemented IBM® Tivoli® Directory Integrator, or the recipient intends to verify the signature of envelopes as they are decrypted to ensure they are from RACF®, then both the CA certificate and the RACF address space certificate must be available to the recipient in the recipient key database. Export both the RACF CA certificate and the RACF address space certificate. (These certificates were created in Generating a local CA certificate using RACF as the CA and Generating an X.509 V3 certificate for the RACF address space.) Example:
These files must be transferred to the recipient system. Use FTP (ASCII mode) or simply cut and paste them to create the racfca.cert and rasp.cert files. Then, import the files: Using the keytool command: Example:
Using the gsk5cmd command: Example:
|
Copyright IBM Corporation 1990, 2014
|