Procedure
Take the following steps to use the cryptography
feature:
- Install and activate the cryptographic product. The ENCRYPTN start option enables you to start VTAM® before activating the cryptographic product.
(ENCRYPTN=CCA is required if triple-DES encryption will be used by
LUs or applications owned by this node.)
- File cryptographic keys. File the cryptographic
key data set at the host processor before activating any LUs that
are used in cryptographic sessions.
For information about filing
cryptographic keys, see Cryptographic keys.
- Specify the cryptographic requirements. VTAM uses this information to identify
the cryptographic session keys and to establish the cryptographic
session.
- Code the ENCR operand and the ENCRTYPE keyword (DES or TDES24)
on the LU and APPL definition statements to define the cryptographic
capabilities of LUs and application programs.
- Code the ENCR operand on the MODEENT macroinstruction to specify
cryptographic session requirements for an LU.
- Code the ENCRTYP operand on the MODEENT macroinstruction
to specify encryption type for an LU (TDES24 is the only available
value).
- Identify the name of the cryptographic key that will be used to
establish cryptographic sessions for the LU. Code the CKEYNAME operand
on the LU definition statement or use the default, which is the LU
name.
- Specify whether you want to use the alternate cryptographic key
name during session activation. You can either use the CKEY operand
on the MODEENT macroinstruction or issue a modify security command
to switch to the alternate CKEY.
- Initiate the cryptographic session.