After Generating a Digital Certificate, How Does One Export It?

book

Article ID: 17929

calendar_today

Updated On:

Products

CA Cleanup CA Datacom - DB CA Datacom CA Datacom - AD CA Datacom - Server CA CIS CA Common Services for z/OS CA 90s Services CA Database Management Solutions for DB2 for z/OS CA Common Product Services Component CA Common Services CA Datacom/AD CA ecoMeter Server Component FOC CA Easytrieve Report Generator for Common Services CA Infocai Maintenance CA IPC Unicenter CA-JCLCheck Common Component CA Mainframe VM Product Manager CA Chorus Software Manager CA On Demand Portal CA Service Desk Manager - Unified Self Service CA PAM Client for Linux for zSeries CA Mainframe Connector for Linux on System z CA Graphical Management Interface CA Web Administrator for Top Secret CA CA- Xpertware CA Top Secret CA Top Secret - LDAP CA Top Secret - VSE

Issue/Introduction

Description:

After generating a digital certificate, how does one export it and be sure the private key is in there to be added to other key rings?

Solution:

Use the following format of the EXPORT command to export a digital certificate with its private key:


 	TSS EXPORT(USERA) DIGICERT(USERCERT) DCDSN(Your.export.dataset) FORMAT 	(PKCS12DER) PKCSPASS(PKCSpassword)

And add it (import it) to an acid on another location (ie a different cpu):


 	TSS ADD(USERA) DIGICERT(USERCERT) DCDSN(Your.export.dataset) LABLCERT(USERA_CERT) PKCSPASS(PKCSpassword) TRUST 

Then add it to the required key ring with:


 	TSS ADD(USERB) KEYRING(USRBRING) RINGDATA(USERA,USERCERT) DEFAULT USAGE(PERSONAL)

Environment

Release: TOPSEC00200-15-Top Secret-Security
Component: