What is different with certificate renewal if the private key needs to be changed which is common in banks?

search cancel

What is different with certificate renewal if the private key needs to be changed which is common in banks?

book

Article ID: 218817

calendar_today

Updated On:

Products

ACF2 ACF2 - MISC ACF2 - z/OS Top Secret

Issue/Introduction

ACF2, Top Secret, RACF, What is different with certificate renewal if the private key needs to be changed which is common in banks?

Resolution

There are two options to renew a certificate with a new private key. Sites can either delete the expiring certificate(after backup) and then GENCERT a new certificate with a new private key or utilize the RKEY and ROLLOVER commands to renew a certificate with a new private key. All three ESMs(ACF2, Top Secret and RACF) support the REKEY and ROLLOVER commands.

Feedback

thumb_up Yes

thumb_down No