Valid on z/OS.
Use the IMPORT keyword with the P11TOKEN function to import a certificate and its private key from a PKCS#11 token and add it to CA Top Secret.
This keyword has the following format:
TSS P11TOKEN IMPORT LABLCTKN(token name)
TOKNDATA(userid,digicert)
SEQNUM(nnnnnnnn)
[LABLPKDS(pkds label)]
[WITHLABL(certificate label)]
[PCICC]
[ICSF]
Specifies the name of the token. The token must already exist.
Userid specifies the ACID for the digital certificate. Digicert identifies the digital certificate.
Specifies the sequence number of the certificate being imported.
Specifies the PKDS label of the record created in the ICSF Public Key Data Set (PKDS). The field is used in conjunction with the ICSF or PCICC keywords.
Specify a (*) to take the value from the LABLCERT keyword. In this case, LABLCERT must be specified along side LABLPKDS(*).
The PKDS label must conform to ICSF label syntax rules.
Valid characters: Alphanumeric, national (@,#,$) and period(.). The first character must be alphabetic or national. The field is folded to uppercase.
Length: Up to 64 characters
Specifies the label to be associated with the imported certificate. If not specified CA Top Secret generates a label name.
Specifies that the key pair is generated using the PCI Cryptographic Coprocessor and that the private key is stored in ICSF PKDS.
Specifies that the generated private key is stored in ICSF.
The administrator must have the following authority:
To add an imported certificate to CA Top Secret, the authority required for:
|
Copyright © 2009 CA Technologies.
All rights reserved.
|
|