Digital certificate keyrings with multiple sites
search cancel

Digital certificate keyrings with multiple sites

book

Article ID: 12073

calendar_today

Updated On:

Products

Top Secret Top Secret - LDAP

Issue/Introduction



How do setup an acid with digital certificates to access multiple sites that require different certificates?

 

Environment

Release: TOPSEC00200-15-Top Secret-Security
Component:

Resolution

We see 2 options.

1. Use multiple keyrings. Use one unique keyring for each FTP site.
2. Use one single keyring and put all the certificates for your multiple sites on the one keyring.

The following link documents how to specify a keyring with your FTP job:

https://www.ibm.com/support/knowledgecenter/SSLTBW_2.1.0/com.ibm.zos.v2r1.halz001/ftpcaskeyring.htm

It allows you to specify a unique keyring for each site to be used with the FTP jobs. So depending on the site you are connect too, you can specify a different keyring.

As for the second option, you should be able to use one keyring for all your FTP sites you will be connecting too. The entire keyring will be searched for the right certificate to establish the SSL connection.