Sharing KEYRINGs across multiple CPUs or LPAR
search cancel

Sharing KEYRINGs across multiple CPUs or LPAR


Article ID: 96823


Updated On:


Top Secret Top Secret - LDAP


Can you share KEYRINGs across multiple CPUs or LPAR

Can you share a keyring against multiple LPARs or CPUs?

Is that method recommended? 


Component: TSSMVS


A keyring cannot be shared as they are specific to the acid that owns them .  You can however name a keyring the same name and add the same certificates to the keyring. 

Sharing the same keyring name across multiple systems is a matter of choice. 

Using the same keyring name and certificate across multiple systems makes it easier for the administrator because they do not have to remember each keyring name for each system and which certificate belongs where. 

The drawback is if someone steals the certificate they will be able to use it to establish an SSL connection.  They will still need credentials to logon to the FTP server and if they do log on they have multiple angles of attack since multiple systems share the certificate.