ACF2 - How to deploy a CERTAUTH certificate for HTTPS Connections

book

Article ID: 213178

calendar_today

Updated On:

Products

ACF2 ACF2 - z/OS ACF2 - MISC Trusted Access Manager for Mainframe Data Content Discovery Compliance Event Manager CHORUS SOFTWARE MANAGER MAINFRAME SECURITY INSIGHTS PLATFORM

Issue/Introduction

Example deployment of a Tamz CERTAUTH certificate stored in ACF2 keystore for HTTPS Connections.

Resolution

Deploy Tamz CERTAUTH certificate for HTTPS Connections

Step 1

Generate the CA ACF2 certificates and EXPORT the CERTAUTH.tamzca to a z/OS file for deployment to a web browser keystore.

//ACFBATCH EXEC PGM=ACFBATCH                                           
//SYSPRINT DD SYSOUT=*                                                 
//SYSIN    DD *                                                       
SET PROFILE(USER) DIVISION(CERTDATA)
GENCERT CERTAUTH.tamzca EXPIRE(mm/dd/yy) LABEL(certauth.tamzca) -
 SUBJ(ou="tamz-ca")
GENCERT tamstc.tamzstc SIGNWITH(CERTAUTH) LABEL(certauth.tamzca) -
 EXPIRE(mm/dd/yy) LABEL(tamstc.tamzstc) SUBJ(ou="tamz-stc")
EXPORT CERTAUTH.tamzca DSN('PUBLIC.DEMO.CERT0421.EXPORT')               
/*    

Step 2

FTP download the z/OS file 'PUBLIC.DEMO.CERT0421.EXPORT' to your PC in ASCII format. In this example the z/OS file is downloaded to the PC with a filename of TAMZCA.cer.

Step 3

Open Internet Explorer Browser and click on the settings icon :

 

Step 4

Next click on ‘Internet options’:

 

Step 5

Next click on the ‘Content’ tab from Internet Options:

 

Step 6

Next client on ‘Certificates’ button:

 

Step 7

Next click on ‘Import’ button:

 

Step 8

Next click on ‘Next’ button to use the Certificate Import Wizard:

 

Step 9

Next click on ‘Browse’ button to locate the directory containing the TAMZCA.cer file that you downloaded:

 

Step 10

Next select the ‘TAMZCA.cer’ certificate on your PC and click ‘Open’ button:

 

Step 11

Next, after selecting the directory and file name, click on the ‘Next’ button:

 

Step 12

Next click on the ‘Browse’ button and select the ‘Certificate Store’ that you want to install the certificate into:

 

Step 13

Next review the Import settings and click on the ‘Finish’ button:

 

Step 14

Next click on the ‘OK’ button after the successful Import:

 

Attachments