ACF2ACF2 - DB2 OptionACF2 for zVMACF2 - z/OSACF2 - MISCLDAP SERVER FOR Z/OSPAM CLIENT FOR LINUX ON MAINFRAMEWEB ADMINISTRATOR FOR TOP SECRET
Issue/Introduction
Usage of the PKDSLBL in the ACF2 GENCERT subcommand. What will happen if PKDSLBL is not specified when doing a GENCERT? If PKDSLBL is not specified, does the private key get stored in ACF2 database and public key in the certificate? If the PKDSLBL is specified with PCICC, does the private key get stored in ICSF database and public key in the certificate?
Environment
Release : 16.0
Component : CA ACF2 for z/OS
Resolution
If PKDSLBL is not specified, the PKDS label is generated in the format IRR.DIGTCERT.userid.cvtsname.ebcdic-stck-value, where userid is the owning user ID, cvtsname is the system name, which is taken from the CVT, and ebcdic-stck-value is an EBCDIC version of the current store clock value. Regardless of whether PKDSLBL is specified or not, if either ICSF or PCICC is specified the private key will be stored in ICSF.