- Duration
- 3 hours
In the "RACF - Managing Digital Certificates" course you will see how encryption keys are used to securely manage data, and the standards that enforce encryption protocols. You will be introduced to various types of certificates and view the data that can be stored in them. From a z/OS perspective you will see how IBM's Digital Certificate Access Server (DCAS) provides password free access to that environment using a certificate. Commands used to generate and manipulate digital certificates, and keyrings is discussed in detail.
Application programmers, systems programmers, database administrators, security administrators, and others requiring knowledge about the use of certificates in a z/OS environment.
Successful completion of the "RACF- Introduction" course or equivalent knowledge
After completing this course, the student should be able to:
- Describe how public key cryptography works
- Explain what digital certificates are and how they work with public key cryptography
- Describe how digital certificates are Used in a z/OS Environment
- Describe certificate tasks that can be performed using the RACDCERT command
- Create a digital certificate using the RACDCERT command
- List the content of a digital certificate and keyring
Symmetric and asymmetric encryption
Public Key Cryptography Standards
X.509 Digital Certificate Content
Single Binary Certificate
Certificate Chains
Binary Certificate Package
Encryption Algorithms
Server and Client Authentication in a z/OS Environment
RACF Digital Certificate Generation Process
Using the RACDCERT Command
User, Site, and Certificate Authority Certificates
Certificate Distinguished Name
Storing Keys
Special RACF User IDs Used to Anchor Certificates
Defining Access to use RACDCERT
Creating Granular Rules
ICSF Authorization
Digital Certificate RACF Classes
Displaying Certificate and Keyring Content
Checking the Existence of a Certificate in the RACF Database
Renewing and Rekeying an Expiring Digital Certificate
