Previous topic |
Next topic |
Contents |
Contact z/OS |
Library |
PDF
PKCS #11 and Setting CLEARKEY resource within CRYPTOZ class z/OS Cryptographic Services System SSL Programming SC14-7495-00 |
|
The CLEARKEY.token-name resource within the CRYPTOZ class controls the ICSF policy for creating a clear key versus a secure key. When the resource is defined and set to NONE, System SSL's usage of the PKCS #11 callable services to generate keys is restricted to secure keys only. This causes functions within System SSL to fail. System SSL uses both explicit tokens and the SYSTOK-SESSION-ONLY omnipresent token. The following are examples that can fail in this environment in
System SSL:
|
Copyright IBM Corporation 1990, 2014
|