CA Web Viewer 12.1 Export Certificate from RACF Keyring
Article ID: 129578
Updated On:
Products
CA CIS
CA Common Services for z/OS
CA 90s Services
CA Database Management Solutions for DB2 for z/OS
CA Common Product Services Component
CA Common Services
CA Datacom/AD
CA ecoMeter Server Component FOC
CA Easytrieve Report Generator for Common Services
CA Infocai Maintenance
CA IPC
Unicenter CA-JCLCheck Common Component
CA Mainframe VM Product Manager
CA Chorus Software Manager
CA On Demand Portal
CA Service Desk Manager - Unified Self Service
CA PAM Client for Linux for zSeries
CA Mainframe Connector for Linux on System z
CA Graphical Management Interface
CA Web Administrator for Top Secret
CA CA- Xpertware
CA Compress Data Compression for MVS
CA Compress Data Compression for Fujitsu
CA Output Management Document Viewer
CA Output Management Web Viewer
Issue/Introduction
How to export a certificate from a RACF keyring associated with CCISSL and import it into a matching ,jks certificate file for CA Output Management Web Viewer for USS.
An System SSL Trace showed this error. SSLHandshakeException General SSLEngine problem
An System SSL Trace showed this error. SSLHandshakeException General SSLEngine problem
Environment
IBM RACF
Common Services CCISSL 14.1
Common Services Tomcat
System SSL
CA Output Management Web Viewer for USS
Common Services CCISSL 14.1
Common Services Tomcat
System SSL
CA Output Management Web Viewer for USS
Resolution
- Issue this RACF command:
RACDCERT EXPORT(LABEL('labelname')) CERTAUTH DSN(data-set-name) FORMAT(CERTDER) - Using binary mode copy 'data-set-name' to ....../CA_OM_Web_Viewer/NMVS/config/trust.cer
- In TSO OMVS, enter these commands:
- cd ....../CA_OM_Web_Viewer/NMVS/config/
- export PATH=$PATH:/usr/lpp/java/J8.0_64/bin (for example)
- keytool -importcert -keystore truststore.jks -storepass your_password -trustcacerts -noprompt -file trust.cer -v
- A new file truststore.jks file will be created and contain the CA certificate as a trusted cert entry.
- In CCIClient.properties, specify these lines, add if needed:
- SSL.TrustStore=truststore.jks
- SSL.TrustStorePassword=your_password (your_password is the -storepass entry specified in the keytool command)
- Restart Tomcat
Feedback
Yes
No
Powered by
