How can a SSL certificate from a distributed environment be used to login to mainframe? Is their any encryption card or any hardware required?

search cancel

How can a SSL certificate from a distributed environment be used to login to mainframe? Is their any encryption card or any hardware required?

book

Article ID: 13700

calendar_today

Updated On:

Products

ACF2 ACF2 - DB2 Option ACF2 for zVM ACF2 - z/OS ACF2 - MISC PanApt PanAudit

Issue/Introduction

How can a SSL certificate from a distributed environment be used to login to mainframe?
Is their any encryption card or any hardware required?

Environment

Release:
Component: ACF2MS

Resolution

Users can be identified and authenticated by means of a digital certificate presented to a z/OS server application that uses System SSL or TCP/IP Application Transparent TLS (AT-TLS) or a z/OS LDAP Server and then mapped to an ACF2 logonid.

The following applications support client authentication via digital certificates when using SSL/TLS sessions:

- FTP
- TN3270, using the Express Logon Feature (ELF) and the Digital Certificate Application Server (DCAS)
- HTTP server

An encryption card or any other hardware is not required on the z/OS side.

Feedback

thumb_up Yes

thumb_down No