Optionally updating PKI Services environment variables

You need to perform this task only if any one of the following conditions is true:

You are configuring PKI Services for the first time.
You are adding an additional CA domain.
You want to send email notifications (for rejected certificate requests or certificates that are ready for retrieval or expiring) and you did not use the default location for sendmail (/usr/sbin/sendmail).
You intend to use automatic certificate renewal.
You are implementing an autorenew exit.
You intend to use Java™Server pages (JSPs) instead of REXX CGIs for the PKI Services web pages.

You need to define certain environment variables (such as LIBPATH) for the PKI Services daemon to run. There are two files related to environment variables:

A sample environment variables file, pkiserv.envars (by default in /usr/lpp/pkiserv/samples/)
SYS1.PROCLIB member PKISERVD (You can use the ENVAR parameter to point to the environment variables file.)

You can use pkiserv.envars to set environment variables for the PKI Services daemon. This file contains most of the environment variables needed to run the daemon.

You need to change the file if you did not use the default for any of these things:

The install directory for PKI Service (/usr/lpp/pkiserv)
The message level
The location for sendmail (/usr/sbin/sendmail)

Guideline: If you need to make changes to the pkiserv.envars file, copy the file to another directory (such as /etc/pkiserv) and make changes only to the copy.

PKISERVD is the sample procedure to start PKI Services. (For sample code, see PKISERVD sample procedure to start PKI Services daemon.) PKISERVD sets the TZ (time zone) environment variable because it is very likely that the value of this variable needs to change. PKISERVD also includes parameters specifying the directory containing the environment variables file (DIR) and the file name of the environment variables file (FN). If you make a copy of pkiserv.envars as suggested, you also need to change the name of the directory in PKISERVD (for example, DIR="/etc/pkiserv") and possibly the file name (for example, FN="pki.env").

Note: You can change all of the following on the START command:

Environment variables directory
File name
Job output class
Region size
Standard output
Standard error
Time zone

See Steps for starting the PKI Services daemon.

Because of the limitation of the number of characters allowed in the PARM=operand on the JCL EXEC card, take care to ensure that the total length of the environment variables directory and file name, TZ value, and stdout and stderr redirection values do not exceed the 100 character maximum.

You must specify any environment variables that PKI Services requires either in the PKISERVD procedure or in the environment variables file (pkiserv.envars). Guideline: Make your additions and changes to the environment variables file, rather than to the PKISERVD procedure.