Valid on z/OS.
Use the BIND keyword with the P11TOKEN function to bind a digital certificate to a z/OS PKCS#11 token. When a certificate is bound to a token, CA Top Secret creates a certificate, public key and private key (if the certificate has one and the BIND usage is personal).
The following key types are not supported:
The command has the following format:
TSS P11TOKEN BIND
LABLCTKN(token name)
TOKNDATA(userid,digicert)|LABLCERT(certificate label)|
TOKNUSER(userid)
[USAGE(PERSONAL|CERTSITE|CERTAUTH]
[DEFAULT]
Specifies the name of the token. The token must already exist.
Userid specifies the ACID for the digital certificate. Digicert identifies the digital certificate. LABLCERT and TOKNDATA are mutually exclusive.
Specifies the digital certificate label name of the certificate to bind. The userid for the certificate may be specified with the TOKENUSER keyword. If TOKNUSER is not specified then the userid of the administrator that issued the command is used. LABLCERT and TOKNDATA are mutually exclusive.
Specifies the userid for the digital certificate.
Specifies how this certificate is used within the token. If keyusage is not specified, it defaults to the usage value of the certificate being bound.
Specifies that the certificate is the default certificate for the token. Only one certificate may be the default. If a default certificate already exists, its default status is removed.
|
Copyright © 2009 CA.
All rights reserved.
|
|