Previous topic |
Next topic |
Contents |
Index |
Contact z/OS |
Library |
PDF
Usage Notes z/OS Cryptographic Services ICSF Application Programmer's Guide SA22-7522-16 |
|||||||||||||||||||
All instances of a CKDS sysplex cluster (using the same active CKDS) must be IPLed and started in order to perform a coordinated refresh or reencipher operation. The coordinated KDS administration functions will not be queued for processing on inactive sysplex cluster members. SAF will be invoked to verify the caller is authorized to use this callable service. The CSFCRC resource in the CSFSERV class protects access to this callable service. To access this service, callers will be required to have a UACC of update for the CSFCRC resource. A coordinated CKDS sysplex cluster wide refresh on the active CKDS requires CKDS updates to be suspended. A refresh of the active CKDS is only required when KGUP or some other utility has altered the CKDS VSAM dataset. Updates must be suspended in this case to allow the in-storage cache of the CKDS VSAM data set to be rebuilt. This table lists the required cryptographic hardware for each server type and describes restrictions for this callable service.
|
Copyright IBM Corporation 1990, 2014
|