Something that may be helpful in an ACF2 environment is the ALLCA keyring option. When set on a keyring record it treats all certificates installed with the CERTAUTH prefix as if they were connected to the keyring. This greatly simplified our administration of CA certificates. You just insert the CA cert with a CERTAUTH. prefix and trust it.
Regards. -- Donald Grinsell, Systems Programmer Enterprise Technology Services Bureau SITSD/Montana Department of Administration 406.444.2983 (D) "The secret of being miserable is to have leisure to bother about whether you are happy or not. The cure for it is occupation." ~ George Bernard Shaw (1856-1950) > -----Original Message----- > From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On > Behalf Of Jesse Lynch > Sent: Thursday, January 25, 2018 2:33 PM > To: IBM-MAIN@LISTSERV.UA.EDU > Subject: Re: Update: Server Certificates Expiring - Sooner! > > Thank Kurt and Phil. Got the new flash. > > Will upload as it says. We will have our security folks load it into ACF2. > If we attach to old keyring and leave Geotrust and Equifax in, we won't know > until after the 29th if it works, correct? I don't see anything on a receive > that tells you what certificate its using. > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, send email to > lists...@listserv.ua.edu with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
