Creating a Key Ring

You must create a key ring if you are running OS/390 2.8 or higher versions.

For more information on creating the RACF key ring using the RACDCERT command, you can review the following IBM documents:
  • SC28-1915   OS/390 Security Server (RACF) Security Administrator's Guide
  • SC28-1919   OS/390 Security Server (RACF) Command Language Reference
With most of the steps, you must supply an ID parameter. The ID parameter defines the user ID that is associated with the key ring or certificate.
Note: The following steps do not address any security or authorization issues regarding the key ring.

Procedure

  1. Create a key ring.
  2. Generate a self-signed certificate for the user.
  3. Add the CA certificate.
  4. Connect the CA certificate to the key ring.
  5. Generate a certificate request.
  6. Add a user certificate.
  7. Connect the user certificate to the key ring.