Dear list: I'd like to hear from this group, which way we have to follow in order to add in RACF the root chain from external partners that have encrypted connections but using self signed certificate.
I will describe the three ways we have imported the root chain: 1- Add the certificate with "Certificate Owner" = CERTAUTH and the CONNECT with the option USAGE=CERTAUTH. RACDCERT CERTAUTH ADD('DSN.ROOT') + WITHLABEL('External Root') TRUST RACDCERT CONNECT(CERTAUTH LABEL('External Root') + RING(RingName) USAGE(CERTAUTH)) ID(userid) 2-Add the certificate with "Certificate Owner" = userid and the CONNECT with the option USAGE=PERSONAL. RACDCERT ID(userid) + ADD('DSN.ROOT') + WITHLABEL('External Root') + TRUST RACDCERT ID(userid) CONNECT(LABEL('External Root') + RING(RingName) USAGE(PERSONAL)) 3- Add the certificate with "Certificate Owner" = userid and the CONNECT with the option USAGE=CERTAUTH RACDCERT ID(userid) + ADD('DSN.ROOT') + WITHLABEL('External Root') + TRUST RACDCERT ID(userid) CONNECT(LABEL('External Root') + RING(RingName) USAGE(CERTAUTH)) All the options we have tested worked fine but I'd like to know if there is a standard way to add/import the certificate. If the certificate is from an external CA like Symantec, Digicert, Certisign, etc. the process is the same or do we have to follow another way to import the root chain certificate ? Thanks in advance for any help. Regards, Gilson Cesar ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN