We have certificates RACLISTED (no idea what that equates to in Top Secret). I do:
RACDCERT ID(&KEYOWNR) TRUST ADD('&USER..MACK.CERT') - WITHLABEL('ftp.mackinney.com') RACDCERT ADDRING(&KEYRING) ID(&KEYOWNR) SETROPTS RACLIST(DIGTCERT DIGTRING) REFRESH RACDCERT ID(&KEYOWNR) CONNECT(CERTAUTH USAGE(CERTAUTH) - LABEL('AAA Certificate Services') - RING(&KEYRING)) SETROPTS RACLIST(DIGTCERT DIGTRING) REFRESH I had to do the REFRESH to the DIGTCERT class after adding the cert and keyring before I could connect the cert to the keyring. Then another refresh (this time was probably for the DIGTRING--I'm lazy and just duplicated the line). Also, don't miss the line in the previous post about telling the policy agent to refresh it's security settings. Wendell ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN