000031698 - Can the mainframe DPM client trust more than one CA?

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000031698
Applies ToRSA Product Set: Data Protection Manager
RSA Product/Service Type: Data Protection Manager Mainframe Client 
RSA Version/Condition: V1R1-PTF1 on z/OS V1R13
 
IssueCan the mainframe DPM client trust more than one CA?
ResolutionThe client code definitely supports this. The steps to configure it depend on how you are storing/accessing their Client Identity (i.e. in a USS Key Database (.kdb) file, or via a SAF Key Ring.
If you are using a .kdb file, you should import the additional CA certificate to the .kdb file specified in the client configuration file.
If you are using a SAF Key Ring, you need to import the additional CA certificate as a CERTAUTH certificate, and use the RACDCERT CONNECT command to connect the new certauth certificate to the ring specified in the client configuration file.

Attachments

    Outcomes