z/OS Cryptographic Services PKI Services Guide and Reference
Previous topic | Next topic | Contents | Contact z/OS | Library | PDF


Task roadmap for adding CA domains

z/OS Cryptographic Services PKI Services Guide and Reference
SA23-2286-00

Before you begin

  • Complete all required tasks in Configuring your system for PKI Services. This task roadmap is intended to direct you to add a new CA domain after you have already implemented and tested the default setup for PKI Services and ensured that it operates properly as a single CA domain.
  • Review Table 1 to see the subtasks involved and the skills required for each subtask. (The team members listed are based on role definitions established in Identifying skill requirements.)

Procedure

To create a new CA domain, complete the subtasks in Table 1. Subtask 1 guides you through planning. Subtask 2 is a one-time setup you do when you add your first additional CA domain. Subtasks 3 - 8 are each done once for every CA domain you add. (See Configuring your system for PKI Services for additional details about these subtasks.)

After you complete Subtasks 1 and 2 (planning and reconfiguring), perform Subtasks 3 - 8 for your first new CA domain and ensure that it operates properly before adding your second CA domain.

Table 1. Task roadmap for adding a new CA domain
  Subtask Team member Associated procedure (See…)
1. Plan additional CA domains. UNIX programmer Subtask 1: Steps for planning additional CA domains.
2.

Reconfigure your initial CA domain
to allow it to coexist with other CA
domains. (This is a one-time setup.)

 UNIX programmer Subtask 2: Steps for reconfiguring your initial CA domain to allow it to coexist with other CA domains.
3. Run IKYSETUP. MVS™ programmer Subtask 3: Steps for running the IKYSETUP exec.
4. Configure the UNIX environment. UNIX programmer Subtask 4: Steps for configuring the UNIX environment.
5. Update the PKI Services template file. Web server programmer Subtask 5: Steps for updating the PKI Services template file.
6. Update the Web server configuration. Web server programmer Subtask 6: Steps for updating the Web server configuration.
7. Set up the object store and ICL. MVS programmer or DB2® programmer, depending on how you implement the object store and ICL Subtask 7: Creating the object store and ICL.
8. Start PKI Services. MVS programmer Subtask 8: Steps for starting PKI Services.
Parent topic: Adding a new CA domain

Go to the previous page Go to the next page

Notices | Terms of use | Support | Contact z/OS | zFavorites



Copyright IBM Corporation 1990, 2014