Previous topic |
Next topic |
Contents |
Contact z/OS |
Library |
PDF
Using the RACDCERT command to administer certificates z/OS Security Server RACF Security Administrator's Guide SA23-2289-00 |
|
The RACDCERT command is used to store and maintain digital certificate information in RACF®, and should be used for all maintenance of certificate profiles and related user profile fields. For more information on these formats see z/OS Security Server RACF Command Language Reference. The RACDCERT command can be used to perform the following functions:
The RACDCERT command is your primary administrative tool for managing
digital certificates using RACF.
Authority to use the RACDCERT command is controlled through resources
in the FACILITY class. The RACDCERT command is used to manage resources
in the following classes:
Restriction: Profiles in the DIGTCERT, DIGTRING, and DIGTNMAP
classes are automatically maintained through RACDCERT command processing.
You cannot administer profiles in these classes using the RDEFINE,
RALTER, and RDELETE commands. These commands do not operate with profiles
in the DIGTCERT, DIGTRING, and DIGTNMAP classes. Because these
profiles contain lowercase characters, the SEARCH FILTER and RLIST
commands are not intended for use and will deliver unpredictable results.
You need not activate the DIGTCERT, DIGTCRIT, and DIGTRING classes to use resources in those classes. However, performance is improved when you activate and RACLIST the DIGTCERT and DIGTCRIT classes. See RACLISTing the DIGTCERT class and RACLISTing the DIGTCRIT class. See z/OS Security Server RACF Command Language Reference for more information about the RACDCERT command. See RRSF considerations for digital certificates for information about propagating updates made by the RACDCERT command to other nodes in an RRSF network. |
Copyright IBM Corporation 1990, 2014
|