RACF – Managing Digital Certificates 2.4

Duration

3 hours

Overview

In the “RACF – Managing Digital Certificates” course you will see how encryption keys are used to securely manage data, and the standards that enforce encryption protocols. You will be introduced to various types of certificates and see how data that is stored in them. From a z/OS perspective you will see how IBM’s Digital Certificate Access Server (DCAS) provides password free access to that environment using a certificate. Commands used to generate and manipulate digital certificates, and keyrings is discussed in detail.

Audience

Application programmers, systems programmers, database administrators, security administrators, and others requiring knowledge about the use of certificates in a z/OS environment.

Prerequisites

Successful completion of the “RACF – Introduction to RACF” course or equivalent knowledge.

Objectives

After completing this course, the student will be able to:

• Describe how Public Key Cryptography works
• Explain what Digital Certificates are and how they work with Public Key Cryptography
• Describe how Digital Certificates are Used in a z/OS Environment
• Describe certificate tasks that can be performed using the RACDCERT command
• Create a Digital Certificate using the RACDCERT command
• List the content of a Digital Certificate and Keyring

Course Content

Creating and Managing Digital Certificates

RACF Digital Certificate Generation Process
Using the RACDCERT Command
User, Site, and Certificate Authority Certificates
Certificate Distinguished Name
Storing Keys
Special RACF User IDs Used to Anchor Certificates
Defining Access to use RACDCERT
Creating Granular Rules
ICSF Authorization
Digital Certificate RACF Classes
Displaying Certificate and Keyring Content
Checking to see if Certificate Exists in the RACF Database
Renewing an Expiring Digital Certificate