z/OS Security Server RACF Command Language Reference
Previous topic | Next topic | Contents | Contact z/OS | Library | PDF


RACDCERT DELRING (Delete key ring)

z/OS Security Server RACF Command Language Reference
SA23-2292-00

Purpose

Use the RACDCERT DELRING command to delete a key ring.

Issuing options

The following table identifies the eligible options for issuing the RACDCERT DELRING command:
As a RACF® TSO command? As a RACF operator command? With command direction? With automatic command direction? From the RACF parameter library?
Yes No No. (See rules.) No. (See rules.) No
Rules: The following rules apply when issuing this command.
  • The RACDCERT command cannot be directed to a remote system using the AT or ONLYAT keyword.
  • The updates made to the RACF database by RACDCERT are eligible for propagation with automatic direction of application updates based on the RRSFDATA profiles AUTODIRECT.target-node.DIGTCERT.APPL and AUTODIRECT.target-node.DIGTRING.APPL, where target-node is the remote node to which the update is to be propagated.

Authorization required

To issue the RACDCERT DELRING command, you must have the SPECIAL attribute or sufficient authority to the IRR.DIGTCERT.DELRING resource in the FACILITY class for your intended purpose.
Table 1. Authority required for the RACDCERT DELRING function
IRR.DIGTCERT.DELRING
Access level Purpose
READ Delete your own key ring.
UPDATE Delete another user's key ring.

Activating your changes

If the DIGTRING class is RACLISTed, refresh the class to activate your changes.

Example: 
SETROPTS RACLIST(DIGTRING) REFRESH

Related commands

  • To add a key ring, see RACDCERT ADDRING.
  • To list a key ring, see RACDCERT LISTRING.

Syntax

For the key to the symbols used in the command syntax diagrams, see Syntax of RACF commands and operands. The complete syntax of the RACDCERT DELRING command is:

 
RACDCERT DELRING(ring-name)

[ID(ring-owner)]

If you specify more than one RACDCERT function, only the last specified function is processed. Extraneous keywords that are not related to the function being performed are ignored.

If you do not specify a RACDCERT function, LIST is the default function.

For information on issuing this command as a RACF TSO command, refer to RACF TSO commands.

Parameters

DELRING(ring-name)
The ring-name value is the name of the key ring. Because only user IDs can have key rings, neither CERTAUTH nor SITE can be specified with DELRING.

Note that when a DELUSER command is issued against a user ID, all of the key rings that are owned by that user ID are also deleted.

ID(ring-owner)
Specifies the user ID of the key ring owner. (Only a user ID can have a key ring.) If not specified, the key ring owner defaults to the command issuer's user ID.

Examples

     
Example 1 Operation User RACFADM wants to delete the key ring for the local FTP server. The user ID of the FTP is FTPD. The name of the key ring to be deleted is FTPring.
Known User RACFADM has SPECIAL authority.
Command RACDCERT ID(FTPD) DELRING(FTPring)
Output None.
Parent topic: RACF command syntax

Go to the previous page Go to the next page

Notices | Terms of use | Support | Contact z/OS | zFavorites



Copyright IBM Corporation 1990, 2014