Previous Topic: DCDSN Keyword with GENREQ—Certificate Request Data SetNext Topic: DCENCRY Keyword—Encryption Key Value

KeywordsDCDSN Keyword with ADDTO—Data Set Containing Certificate

DCDSN Keyword with ADDTO—Data Set Containing Certificate

Valid on z/OS.

Use the DCDSN keyword to specify the MVS data set containing the digital certificate. The data set:

The certificate contained in the data set must be BER-encoded, PKCS-7 BER-encoded, or Privacy Enhanced Mail (PEM)-encoded. PEM certificates must be transported to MVS as TEXT; the other formats must be transported as BINARY. The length of the serial number and certificate authority distinguished name must be less than 246.

When used with the DIGICERT keyword, this keyword has the following format:

TSS ADDTO(acid) DIGICERT(name)
                DCDSN(dsname)
                [START(sdate)]
                [FOR ddd)]
                [UNTIL(date)]
                [LABLCERT(labelname)]
                [TRUST|NOTRUST]
                [ICSF]

When used with the CERTMAP keyword, this keyword has the following format:

TSS ADDTO(acid) CERTMAP(recid)
                SDNFILTER('subject's distinguished name filter')
                IDNFILTR('issuer's distinguished name filter')
                DCDSN(dsname)

This keyword is used with:

Example: DCDSN Keyword with ADDTO

This example adds a digital certificate contained in z/OS and data set USER1.CERT.DATA to USER1:

TSS ADDTO(USER1) DIGICERT(CERT0001)
                 DCDSN(USER1.CERT.DATA)

This example generates a self‑signed certificate authority certificate from a PKCS #10 request.

TSS GENCERT(CERTAUTH) DIGICERT(Account)
                      DCDSN(CERTREQ.REQ)
                      NBDATE(05/01/02)
                      NADATE(05/01/03)