This topic describes the configuration required operate z/OS® Cryptographic Services PKI Services as an IdenTrust compliant certificate authority (CA). It instructs member institutions of the IdenTrust network to configure their z/OS installations to participate in the IdenTrust infrastructure.

By following the task outlined in this topic, you can use your z/OS systems to establish CAs within the IdenTrust infrastructure. This allows you to use z/OS to manage the life cycle of digital certificates on behalf of your organization in accordance with your security policy, while issuing and revoking digital certificates as needed. See http://www.ibm.com/servers/eserver/zseries/security/identrus/ for additional overview information.