Back to Courses

RACF – Managing Digital Certificates 2.5

Duration

3 hours

Overview

Description

In this course you will see how encryption keys are used to securely manage data, and the standards that enforce encryption protocols. You will be introduced to various types of certificates and see how data that is stored in them. From a z/OS perspective you will see how IBM’s Digital Certificate Access Server (DCAS) provides password free access to that environment using a certificate. Commands used to generate and manipulate digital certificates, and key rings is discussed in detail.

Audience

Application programmers, systems programmers, database administrators, security administrators, and anyone requiring knowledge about securing z/OS UNIX users and system resources using RACF.

Prerequisites

Successful completion of the Interskill RACF – Introduction course or equivalent knowledge.

Objectives

After completing this course, the student should be able to:

  • Describe how Public Key Cryptography works
  • Explain what Digital Certificates are and how they work with Public Key Cryptography
  • Describe how Digital Certificates are Used in a z/OS environment
  • Describe certificate tasks that can be performed using the RACDCERT command
  • Create a Digital Certificate using the RACDCERT command
  • List the content of a Digital Certificate and key ring

Course Content

Introduction to Digital Certificates

Symmetric and asymmetric encryption
Public Key Cryptography Standards
X.509 Digital Certificate Content
Single Binary Certificate
Certificate Chain
Binary Certificate Package
Encryption Algorithms
Server and Client Authentication in a z/OS Environment

Creating and Managing Digital Certificates

RACF Digital Certificate Generation Process
Using the RACDCERT Command
User, Site, and Certificate Authority Certificates
Certificate Distinguished Name
Storing Keys
Special RACF User IDs Used to Anchor Certificates
Defining Access to use RACDCERT
Creating Granular Rules
ICSF Authorization
Digital Certificate RACF Classes
Displaying Certificate and Key Ring Content
Checking to see if Certificate Exists in the RACF Database
Renewing an Expiring Digital Certificate

RACF – Managing Digital Certificates 2.5 Mastery Test