What indicates that IKED has successfully accessed the SAF key ring to support the RSA signature mode of authentication?

Question & Answer

Question

We would like to be able to verify that IKED has successfully accessed the SAF key ring to support the RSA signature mode of authentication. What should we be looking for?

Answer

For the IKE daemon to support RSA signature mode authentication using a local certificate repository, the daemon must be able to access certificates on the SAF key ring. The IKE daemon issues message EZD0990I to indicate that IKE daemon has successfully accessed the SAF key ring to support the RSA signature mode of authentication.

Here is the text of the EZD0990I message:

EZD0990I The IKE daemon is set up to support RSA signature mode of authentication for stack stackname using the local keyring

You specify this key ring by coding either the the KeyRing parameter of the IkeConfig statement, or, when configuring with the IBM Configuration Assistant for z/OS Communications Server GUI, specifying the key ring on the key ring database field on the IPSec: IKE Daemon Settings panel.

[{"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Product":{"code":"SSSN3L","label":"z\/OS Communications Server"},"Platform":[{"code":"PF035","label":"z\/OS"}],"Component":"","Version":"","Line of Business":{"code":"LOB35","label":"Mainframe SW"}}]

Product Synonym

ZOSCS COMMSERVER

Was this topic helpful?

Document Information

Modified date:
07 March 2018

UID

dwa1435453

Tips