This task applies only to CCF systems. It does not apply to z890, z990, z9, z10, or z196 systems.

Run the JCL to set the SMP/E pass phrase for SMP/E electronic delivery only.

The JCL uses a pass phrase value to load the DES and PKA master keys. The DES and PKA master keys will be set in the Cryptographic Coprocessor Feature. Change This Pass Phrase is the default pass phrase. The entry point is CSFEUTIL and will have 2 or (optionally) 3 parameters. The first parameter must be the CKDS name. The second parameter (optional) is the pass phrase. The last parameter is the function PPINIT. If you do not use the default pass phrase and create your own:

• It must be sixteen to sixty-four bytes in length.
• Any EBCDIC character is allowed.
• Leading and trailing blanks will be removed.
• Embedded blanks are allowed.

See this example:

//CSFSETMK  JOB (JOB CARD PARAMETERS)
//********************************************************************
//*  Licensed Materials - Property of IBM                            *
//*  5694-A01                                                        *
//*  (C) Copyright IBM Corp. 2002                                    *
//*                                                                  *
//* THIS JCL USES A PASS PHRASE VALUE TO LOAD DES AND PKA MASTER KEYS*
//*                                                                  *
//*  CAUTION: This is neither a JCL procedure nor a complete JOB.    *
//*  Before using this JOB step, you will have to make the following *
//*  modifications:                                                  *
//*                                                                  *
//*  1) Add the job parameters to meet your system requirements.     *
//*  2) The first parameter must be the CKDS name                    *
//*  3) An optional second parameter may be used.  The second        *
//*     parameter must be 16-64 character pass phrase.               *
//*     For the pass phrase any EBCDIC character is allowed.         *
//*     Leading and trailing blanks will be removed.                 *
//*     Embedded blanks are allowed.                                 *
//*     It is STRONGLY recommended that the pass phrase NOT contain  *
//*     any commas.  Commas are used as a delimiter for the          *
//*     parameters of the CSFEUTIL program.                          *
//*  4) The last parameter must be the function PPINIT.              *
//*  5) If the default pass phrase of "Change This Pass Phrase"      *
//*     is desired, the PARM= would look like this:                  *
//*        PARM='CSF.CSFCKDS,PPINIT'                                 *
//*                                                                  *
//*     If a customer selected pass phrase is to be used the         *
//*     PARM= would look like this:                                  *
//*        PARM='CSF.CSFCKDS,Different Pass Phrase,PPINIT'           *
//*                                                                  *
//********************************************************************
//*     User supplied pass phrase of Different Pass Phrase
//STEP     EXEC PGM=CSFEUTIL,
//   PARM='CSF.CSFCKDS,Different Pass Phrase,PPINIT'
//SYSPRINT DD SYSOUT=*
//*

	OR:

//*    Using the default pass phrase of Change This Pass Phrase
//STEP     EXEC PGM=CSFEUTIL,
//   PARM='CSF.CSFCKDS,PPINIT'
//SYSPRINT DD SYSOUT=*
//*

In order to successfully run the CSFSETMK job, determine if these services are RACF protected in the CSFSERV class. If the services are not RACF protected in the CSFSERV class, then nothing needs to be done. If the services are protected in the CSFSERV class, then the issuer of the CSFSETMK JCL must be permitted to the profile for each service.

• CSFOWH
• CSFPMCI
• CSFCMK
• CSFREFR