Re: z/OS SSL

I Have, do you want me to post what I did. It was MQSeries.

-----Original Message-----
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@xxxxxxxxxxx] On
Behalf Of Hal Merritt
Sent: Thursday, May 29, 2008 1:38 PM
To: IBM-MAIN@xxxxxxxxxxx
Subject: Re: z/OS SSL

I could never get z/os to accept a self signed cert. I did create my own
CA and used that sign certs exported to the client. I think. Been a
while.

-----Original Message-----
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@xxxxxxxxxxx] On
Behalf Of Mark Pace
Sent: Thursday, May 29, 2008 1:29 PM
To: IBM-MAIN@xxxxxxxxxxx
Subject: Re: z/OS SSL

I _thought_ I was creating a self-signed cert. That's what I did on our
z/VM systems for testing.
z/OS is proving to be much more difficult to get working that z/VM was.

On Thu, May 29, 2008 at 12:47 PM, Chase, John <jchase@xxxxxxxxx> wrote:

-----Original Message-----
From: IBM Mainframe Discussion List On Behalf Of Mark Pace

Okay I added a CA to the ring. Still get the same error.
I don't recall seeing anything in the IP guide about
IRR.DIGTRING.LIST.
I'll look that one up.

Sorry; that's described in the RACF SecAdmin Guide.

racdcert id(tn3270) listring(TNRING)

Digital
ring information for user TN3270:
Ring:
>TNRING<
Certificate Label Name Cert Owner USAGE
DEFAULT
-------------------------------- ------------ --------
-------
TnServerCert ID(TN3270) PERSONAL
YES
Verisign Class 3 Primary CA CERTAUTH CERTAUTH NO

And that _is_ the CA that signed TnServerCert, right?

-jc-


NOTICE: This electronic mail message and any files transmitted with it
are intended
exclusively for the individual or entity to which it is addressed. The
message,
together with any attachment, may contain confidential and/or privileged
information.
Any unauthorized review, use, printing, saving, copying, disclosure or
distribution
is strictly prohibited. If you have received this message in error,
please
immediately advise the sender by reply email and delete all copies.

----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to listserv@xxxxxxxxxxx with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

==========================
This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity
to which they are addressed. If you have received this email in error please notify the system manager. This message
contains confidential information and is intended only for the individual named. If you are not the named addressee you
should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you
have received this e-mail by mistake and delete this e-mail from your system. If you are not the intended recipient
you are notified that disclosing, copying, distributing or taking any action in reliance on the contents of this
information is strictly prohibited.

----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to listserv@xxxxxxxxxxx with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

.