Keywords › PKCSPASS Keyword—Specify Certificate Password
PKCSPASS Keyword—Specify Certificate Password
Valid on z/OS.
Use the PKCSPASS keyword to specify the password associated with a PKCS#12‑formatted digital certificate. A password is required if the data set contains a PKCS#12‑format certificate that is password protected.
Notes:
- The password can be up to 255 characters, is case sensitive, and can contain blanks.
- The CA Top Secret Administrator is responsible of keeping track of the PKCSPASS password they assign to a digital certificate. There is no way to list this password online.
- If the certificate's private key resides in an ICSF storage facility and the format of PKCS12DER or PKCS12B64 is specified in the TSS EXPORT command, the command is rejected and a TSS0533E message is issued.
- If ICSF is specified and the IBM ICSF feature is enabled, the private key is stored in the ICSF data facility.
- ICSF is the interface to the cryptographic hardware on z/OS. You must have cryptographic hardware installed and enabled on your system.
This keyword has the following format:
TSS CHKCERT DCDSN(input‑data‑set‑name)
PKCSPASS(pkcs#12‑password)
This keyword can be used with:
- The commands ADDTO, CHKCERT, EXPORT, and GENCERT
- The ACID types User, DCA, VCA, ZCA, LSCA, and SCA
- MISC4(CERTCHEK) and MISC4(CERTSITE) authority for CERTSITE ACIDs
- MISC4(CERTAUTH) authority for CERTAUTH ACIDs
Example: PKCSPASS
This example sets the password to 'J Doe12345 Pwnew".
TSS CHKCERT DCDSN(user1.cert.data)
PKCSPASS('J Doe12345 Pwnew')
Copyright © 2014 CA Technologies.
All rights reserved.
|
|