Tailoring the LDAP configuration for PKI Services

If you are configuring PKI Services for the first time, the LDAP programmer needs to load the LDAP schema file.

If you intend to use a non-z/OS® LDAP product, refer to the documentation for that product. See LDAP directory server requirements for information about installing a non-z/OS LDAP server.

If you are configuring PKI Services for the first time, the LDAP programmer needs to set up an LDAP access control list (ACL) to allow any user to read CRLs, and might also need to set up another LDAP ACL to allow the distinguished name used for LDAP binding to create certificates and CRLs. For more information, see Setting up authorization to create and access CRLs and certificates.

You can optionally set up a secure connection with the LDAP server. For more information, see Establishing a secure connection with LDAP (optional).