We have certificates RACLISTED (no idea what that equates to in Top Secret). I
do:
RACDCERT ID(&KEYOWNR) TRUST ADD('&USER..MACK.CERT') -
WITHLABEL('ftp.mackinney.com')
RACDCERT ADDRING(&KEYRING) ID(&KEYOWNR)
SETROPTS RACLIST(DIGTCERT DIGTRING) REFRESH
RACDCERT ID(&KEYOWNR) CONNECT(CERTAUTH USAGE(CERTAUTH) -
LABEL('AAA Certificate Services') -
RING(&KEYRING))
SETROPTS RACLIST(DIGTCERT DIGTRING) REFRESH
I had to do the REFRESH to the DIGTCERT class after adding the cert and keyring
before I could connect the cert to the keyring. Then another refresh (this time
was probably for the DIGTRING--I'm lazy and just duplicated the line).
Also, don't miss the line in the previous post about telling the policy agent
to refresh it's security settings.
Wendell
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
