After applying maintenance to Top Secret, several tasks ( ctg webserver, sftp, ssh stcs and cics) may fail if the user does not have UPDATE access for the r_datalib callable service. Before the maintenance, it was enough with Read access.

Some samples of the errors found:

In webserver requests:
                                                                  
SSL0248E: SSL Handshake Failed, The specified key did not contain a private key. 

Other errors:

main: SSLContextFactory: Caused by: java.io.IOException: The private key of xxxxx   is not available or no authority to access the private key 

TSSUTIL shows:

AAAA yyyyyyyy zzzzzzz  S F 01 BPXPTATT UPDATE   READ     *08*-97     ? ringOwner.ringName.LST

Top Secret 16.0 with LU11702 applied.

With LU11702 applied, UPDATE access to the RDATALIB resource is now required to validate a private key for another user's digital certificate through an   R_datalib 

After applying LU11702, if using the RDATALIB class to share certificates and keyrings, UPDATE access to resource ringOwner.ringName.LST in the RDATALIB resource class is now required when retrieving the private key from another user's digital certificate.

Prior to LU11702, READ access to the RDATALIB resource allowed access to the private key.