Classification: Confidential
SSL keys (contained in the cert) are text strings. Text transfer should fix the
problem.
-----Original Message-----
From: IBM Mainframe Discussion List <IBM-MAIN@LISTSERV.UA.EDU> On Behalf Of
Matt Hogstrom
Sent: Thursday, May 4, 2023 8:48 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Importing x.509 Certs in to RACF
[CAUTION: This Email is from outside the Organization. Unless you trust the
sender, Don’t click links or open attachments as it may be a Phishing email,
which can steal your Information and compromise your Computer.]
I’m attempting to import an x.509 cert for TLS. The certificate is valid and
originates on a distributed system. I have the cert and the private key. I’m
trying to import the cert into RACF. I’ve tried creating a pfx file (pkcs12)
as well as importing the text based certs individually. Each time I try I end
up with an error. The below was my attempt to import the DigiCertCA against
which my certificate was created. I admit this is not my area of speciality so
I suspect I’m doing something stupid. Here is the ADD command.
RACDCERT ADD(IBMUSER.CERT.DIGICERT) CERTAUTH TRUST
WITHLABEL('DigiCertCA’)
IRRD103I An error was encountered processing the specified input data set.
The certificate is in ISO8859-1 on my Mac and I transfer it to USS as binary
and tag is as ISO8859-1.
Anyone have a workflow for adding a TLS cert ? The IBM documentation is
accurate I’m sure but not helpful.
Matt Hogstrom
“It may be cognitive, but, it ain’t intuitive."
— Hogstrom
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions, send email to
lists...@listserv.ua.edu with the message: INFO IBM-MAIN
::DISCLAIMER::
________________________________
The contents of this e-mail and any attachment(s) are confidential and intended
for the named recipient(s) only. E-mail transmission is not guaranteed to be
secure or error-free as information could be intercepted, corrupted, lost,
destroyed, arrive late or incomplete, or may contain viruses in transmission.
The e mail and its contents (with or without referred errors) shall therefore
not attach any liability on the originator or HCL or its affiliates. Views or
opinions, if any, presented in this email are solely those of the author and
may not necessarily reflect the views or opinions of HCL or its affiliates. Any
form of reproduction, dissemination, copying, disclosure, modification,
distribution and / or publication of this message without the prior written
consent of authorized representative of HCL is strictly prohibited. If you have
received this email in error please delete it and notify the sender
immediately. Before opening any email and/or attachments, please check them for
viruses and other defects.
________________________________
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
