Valid on z/OS.
Use the DCDSN keyword to specify the MVS data set containing the digital certificate. The data set:
The certificate contained in the data set must be BER-encoded, PKCS-7 BER-encoded, or Privacy Enhanced Mail (PEM)-encoded. PEM certificates must be transported to MVS as TEXT; the other formats must be transported as BINARY. The length of the serial number and certificate authority distinguished name must be less than 246.
When used with the DIGICERT keyword, this keyword has the following format:
TSS ADDTO(acid) DIGICERT(name)
DCDSN(dsname)
[START(sdate)]
[FOR ddd)]
[UNTIL(date)]
[LABLCERT(labelname)]
[TRUST|NOTRUST]
[ICSF]
When used with the CERTMAP keyword, this keyword has the following format:
TSS ADDTO(acid) CERTMAP(recid)
SDNFILTER('subject's distinguished name filter')
IDNFILTR('issuer's distinguished name filter')
DCDSN(dsname)
This keyword is used with:
This example adds a digital certificate contained in z/OS and data set USER1.CERT.DATA to USER1:
TSS ADDTO(USER1) DIGICERT(CERT0001)
DCDSN(USER1.CERT.DATA)
This example generates a self‑signed certificate authority certificate from a PKCS #10 request.
TSS GENCERT(CERTAUTH) DIGICERT(Account)
DCDSN(CERTREQ.REQ)
NBDATE(05/01/02)
NADATE(05/01/03)
|
Copyright © 2009 CA Technologies.
All rights reserved.
|
|