We have certificates RACLISTED (no idea what that equates to in Top Secret). I
do:
RACDCERT ID(&KEYOWNR) TRUST ADD('&USER..MACK.CERT') -
WITHLABEL('ftp.mackinney.com')
RACDCERT ADDRING(&KEYRING) ID(&KEYOWNR)
SETROPTS RACLIST(DIGTCERT DIGTRING) REFRESH
RACDCERT ID(&KEYOWNR) CONNECT(CERTAUTH USAGE(CERTAUTH) -
LABEL('AAA Certificate Services') -
RING(&KEYRING))
SETROPTS RACLIST(DIGTCERT DIGTRING) REFRESH
I had to do the REFRESH to the DIGTCERT class after adding the cert and keyring
before I could connect the cert to the keyring. Then another refresh (this time
was probably for the DIGTRING--I'm lazy and just duplicated the line).
Also, don't miss the part in the previous post about telling the policy agent
to refresh it's security settings.
Wendell
(I posted this once, but it didn't seem to end up in the right thread. Please
forgive me if this is a duplicate. Or if the first was done wrong.)
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [email protected] with the message: INFO IBM-MAIN
