DBM Data Service Configuration with Top Secret generated certificates setup
Article ID: 266132
Updated On:
Products
Top Secret
Issue/Introduction
DBM Data Service Configuration Values digital cerificate setup.
Environment
Release : 16.0
Resolution
- Create the root:
TSS GENCERT(CERTAUTH) DIGICERT(ROOTCERT) SUBJECTN(subject_distinguised_name) LABLCERT(cerificate_label_name) NADATE(expiration_date) - Create the client cert:
TSS GENCERT(CERTSITE) DIGICERT(CLIENT) SUBJECTN(subject_distinguised_name) LABLCERT(cerificate_label_name) NADATE(expiration_date) SIGNWITH(CERTAUTH,ROOTCERT) - Create the server cerificate:
TSS GENCERT(CERTSITE) DIGICERT(SERVER) SUBJECTN(subject_distinguised_name) LABLCERT(cerificate_label_name) NADATE(expiration_date) SIGNWITH(CERTAUTH,ROOTCERT) - Create keyring:
TSS ADD(PLATDEV) KEYRING(keyring_name) LABLRING(keyring_label_name) - Add the certificates to the keyring:
TSS ADD(PLATDEV) KEYRNG(xxxxxxxxxxxxx) RINGDATA(CERTSITE,CLIENT) USAGE(PERSONAL)
TSS ADD(PLATDEV) KEYRNG(xxxxxxxxxxxxx) RINGDATA(CERTSITE,SERVER) USAGE(PERSONAL)
TSS ADD(PLATDEV) KEYRNG(xxxxxxxxxxxxx) RINGDATA(CERTAUTH,ROOT) USAGE(CERTAUTH) - Authorize user to use digital certificates:
TSS PER(PLATDEV) IBMFAC(IRR.DIGTCERT) ACC(CONTROL)
GENCERT command documentation.
Feedback
Yes
No
Powered by
