Previous topic |
Next topic |
Contents |
Contact z/OS |
Library |
PDF
Scenario 6a: Enabling secure outbound FTP using a shared virtual key ring z/OS Security Server RACF Security Administrator's Guide SA23-2289-00 |
|
A company wants to allow its employees to make FTP requests from z/OS® to three FTP servers out on
the Internet. The clients (z/OS users)
will authenticate to the FTP servers with preestablished user IDs
and passwords. Therefore, FTP will be used without client authentication.
For privacy protection, the company will use secure FTP to encrypt
the information being transferred. To use the FTP client with SSL,
a key ring containing the certificate authority certificates must
be specified for the target FTP servers. Because a client certificate
is not required, one key ring will suffice for all users. You can
use a virtual key ring or a real key ring. This scenario uses a virtual
key ring. (For instructions using a real key ring, see Scenario 6b.)
In this scenario, the CA certificates for the three FTP servers were
already obtained and reside in the following three data sets: 'FTPD.CACERT1', 'FTPD.CACERT2',
and 'FTPD.CACERT3'.
|
Copyright IBM Corporation 1990, 2014
|