z/OS Cryptographic Services System SSL Programming
Previous topic | Next topic | Contents | Contact z/OS | Library | PDF


Marking a certificate (and private key) as the default certificate

z/OS Cryptographic Services System SSL Programming
SC14-7495-00

Once a certificate has been added to the key database or z/OS® PKCS #11 token through either a certificate request or as a self-signed certificate, it can be marked as the default certificate. Marking a certificate as the default certificate allows it to be used by the programs that are calling the System SSL APIs without having to explicitly supply the certificate's label.

To mark a certificate as the default certificate for the key database, from the Key Management Menu or Token Management Menu (see Figure 4), choose 1, (Manage keys and certificates), and on the Key and Certificate List choose the label number you want to work with. The Key and Certificate Menu or Token Key and Certificate Menu displays:

Figure 1. Key and Certificate Menu 
                                                                                
       Key and Certificate Menu                                                 
                                                                                
       Label: My Server Certificate                                                               
                                                                                
   1 - Show certificate information                                             
   2 - Show key information                                                     
   3 - Set key as default                                                       
   4 - Set certificate trust status                                             
   5 - Copy certificate and key to another database                             
   6 - Export certificate to a file                                             
   7 - Export certificate and key to a file                                     
   8 - Delete certificate and key                                               
   9 - Change label
  10 - Create a signed certificate and key
  11 - Create a certificate renewal request                                                             
                                                                                
   0 - Exit program                                                             
                                                                                
Enter option number (press ENTER to return to 
previous menu): 3 <enter>                
                                                                                
Default key set.                                                                
                                                                                
Press ENTER to continue.                                                        
 ===>
Figure 2. Token Key and Certificate Menu
       Token Key and Certificate Menu

       Label:  My Server Certificate

   1 - Show certificate information
   2 - Show key information
   3 - Set key as default
   4 - Set certificate trust status
   5 - Copy certificate and key to another 
       database/token
   6 - Export certificate to a file
   7 - Export certificate and key to a file
   8 - Delete certificate and key
   9 - Change label
  10 - Create a signed certificate and key
  11 - Create a certificate renewal request
   
   0 - Exit program

Enter option number (press ENTER to return to the
previous menu): 3 <enter>

Default key set.

Press ENTER to continue.
===>

Choose 3 to set the certificate and private key as the default certificate for the key database or z/OS PKCS #11 token.

Parent topic: Managing keys and certificates

Go to the previous page Go to the next page

Notices | Terms of use | Support | Contact z/OS | zFavorites



Copyright IBM Corporation 1990, 2014