Previous topic |
Next topic |
Contents |
Contact z/OS |
Library |
PDF
Scenario 4: Allow users to recover a PKI generated key certificate when the passphrase is lost z/OS Cryptographic Services PKI Services Guide and Reference SA23-2286-00 |
|
To recover a certificate for which PKI Services generated the keys, the user must provide the passphrase that was provided when the certificate was requested. This scenario illustrates how PKI Services can recover lost passphrases for PKI generated key certificates. To be able to recover a lost passphrase, the user must provide answers to security questions in addition to the passphrase when the user initially requests the PKI generated key certificate. PKI Services saves the passphrase and the answers to the security questions in a passphrase mapping database. To recover the lost passphrase, the user provides the answers to the security questions through the PKI Services Web page. PKI Services searches the passphrase mapping database, and if the security answers match those provided by the user when the certificate was requested, the passphrase is returned to the CGI. The recovered passphrase is then used to retrieve the PKI generated key certificate. Two exit routine calls are required:
|
Copyright IBM Corporation 1990, 2014
|