z/OS Security Server RACF Security Administrator's Guide
Previous topic | Next topic | Contents | Contact z/OS | Library | PDF


Steps for renewing a certificate issued by a local CA

z/OS Security Server RACF Security Administrator's Guide
SA23-2289-00

Perform the following steps to renew an expiring certificate using the same private key when the certificate was generated by RACF® and issued by a local certificate authority. The expiring certificate was signed by a CERTAUTH certificate labeled 'Local RACF CA'.
  1. Create a certificate request based on the expiring certificate and store it in an MVS™ data set 'SYSADM.CERT.REQ' by executing the following command:
    RACDCERT ID(WEBSRV) GENREQ(LABEL('My Web Server Cert')) 
   DSN('SYSADM.CERT.REQ')

    ______________________________________________________________________

  2. Renew and replace the existing certificate by executing the following command:
    RACDCERT ID(WEBSRV) GENCERT('SYSADM.CERT.REQ') 
   SIGNWITH(CERTAUTH LABEL('Local RACF CA'))

    ______________________________________________________________________

You have now renewed a certificate that was signed by a local certificate authority and you renewed it using the same private key. All information in the certificate is updated to reflect the renewal, including the key ring connection information.
Parent topic: Renewing a certificate with the same private key

Go to the previous page Go to the next page

Notices | Terms of use | Support | Contact z/OS | zFavorites



Copyright IBM Corporation 1990, 2014