z/OS Cryptographic Services System SSL Programming
Previous topic | Next topic | Contents | Contact z/OS | Library | PDF


Copying a certificate (and private key) to a different key database or z/OS PKCS #11 token

z/OS Cryptographic Services System SSL Programming
SC14-7495-00

Once your certificates are created, it might be necessary for you to transfer a certificate to another key database or z/OS® PKCS #11 token on your system or a remote system. This transfer maybe necessary for these reasons:

  • The remote system requires the signing certificate to be in its key database or z/OS PKCS #11 token for validation purposes. The certificate does not need to contain the private key information. These certificates are normally certificate authority (CA) certificates but might also be a self-signed certificate.
  • The server or client certificate is being used by another application in a separate key database file or z/OS PKCS #11 token.
Note: The source key database file or z/OS PKCS #11 token, and the target key database file or z/OS PKCS #11 token must exist before the certificate can be copied. If the target is a FIPS database, then only a FIPS database can be the source.
Parent topic: Managing keys and certificates

Go to the previous page Go to the next page

Notices | Terms of use | Support | Contact z/OS | zFavorites



Copyright IBM Corporation 1990, 2014