Universal Certificate for zOS
- Former user (Deleted)
- Stonebranch (Deactivated)
- IT Stonebranch
Overview
Universal Certificate for z/OS executes as a batch job.
This section describes the Universal Certificate for z/OS JCL and command line options.
JCL Procedure
The following figure illustrates the Universal Certificate for z/OS JCL procedure (UCRPRC, located in the SUNVSAMP library), that is provide to simplify the execution JCL and future maintenance.
//UCRPRC PROC UPARM=, -- UCERT options // UCRPRE=#SHLQ.UNV, // UCRDBPRE=#PHLQ.UNV //* //PS1 EXEC PGM=UCERT,PARM='ENVAR(TZ=EST5EDT)/&UPARM' //STEPLIB DD DSN=&UCRPRE..SUNVLOAD, // DISP=SHR //* //UNVDB DD DSN=&UCRDBPRE..UCRDB, // DISP=SHR //UNVNLS DD DSN=&UCRPRE..SUNVNLS, // DISP=SHR //UNVTRACE DD SYSOUT=* //* //SYSPRINT DD SYSOUT=* //SYSOUT DD SYSOUT=* //CEEDUMP DD SYSOUT=* //SYSUDUMP DD SYSOUT=*
DD Statements used in JCL Procedure
The following table describes the DD statements used in the Universal Certificate for z/OS JCL procedure, above.
ddname | Description |
|---|---|
STEPLIB | Load library in which program UCERT is located. |
UNVDB | UCERT certificate database. |
UNVNLS | UCERT national language support ddname. |
UNVTRACE | UCERT trace ddname. |
SYSPRINT | UCERT standard output ddname. |
SYSOUT | UCERT standard error ddname. |
JCL
The following figure illustrates the Universal Certificate for z/OS JCL using the UCRPRC JCL procedure, above.
//UCERT EXEC PGM=UCERT //STEPLIB DD DISP=SHR,DSN=UNV.SUNVLOAD //UNVNLS DD DISP=SHR,DSN=UNV.SUNVNLS //UNVDB DD DISP=SHR,DSN=UNV.UCRDB //UNVTRACE DD SYSOUT=* //SYSPRINT DD SYSOUT=* //SYSOUT DD SYSOUT=* //CEEDUMP DD SYSOUT=* //SYSIN DD DUMMY
Command Line Syntax
The following figure illustrates the syntax - using the long form of command line options - of Universal Certificate for z/OS.
ucert[-codepage codepage][-level {trace|audit|info|warn|error}][ -file ddname | -encryptedfile ddname [-key key] [-keypath path]
Creating a certificate request.{-create request-request_file ddname [-request_format {pem|der}]-private_key_file ddname [-private_key_format {pem|der}]-private_key_infile ddname [-private_key_format {pem|der}][-private_key_pwd password][-key_size {512|1024|2048|3072||4096}][-country name][-state name][-locality name][-organization name][-organizational_unit name][-common_name name]{ [-dns_name name] | [-ip_address name] }[-sig_alg algorithm][-email_address name]
Creating a certificate from a certificate request.| -create cert -request_file ddname [-request_format {pem|der}] -cert_file ddname [-cert_format {pem|der}][-cert_db ddname] -private_key_file ddname [-private_key_format {pem|der}]-private_key_infile ddname [-private_key_format {pem|der}][-private_key_pwd password]-ca_cert_file ddname [-ca_cert_format {pem|der}][-serial_number number][-not_before_date date] [-not_after_date date][-ca {yes|no}][-sig_alg algorithm]
Creating a certificate from a transport file.| -create cert-transport_file ddname [-transport_file_pwd password]-cert_file ddname [-cert_format {pem|der}]-private_key_file ddname [-private_key_format {pem|der}]-private_key_infile ddname [-private_key_format {pem|der}]-ca_cert_file ddname [-ca_cert_format {pem|der}]
Creating a certificate revocation list.| -create crl-crl_file ddname [-crl_format {pem|der}]-ca_cert_file ddname [-ca_cert_format {pem|der}]-private_key_file ddname [-private_key_format {pem|der}]-private_key_infile ddname [-private_key_format {pem|der}][-private_key_pwd password]-next_update_days days-next_update_hours hours[-cert_db ddname]
Creating a transport file.| -create transport-transport_file ddname [-transport_file_pwd password]-cert_file ddname [-cert_format {pem|der}]-private_key_file ddname [-private_key_format pem|der}]-private_key_infile ddname [-private_key_format {pem|der}][-private_key_pwd password]-ca_cert_file ddname [-ca_cert_format {pem|der}][-common_name name][-keypbe encryption][-certpbe encryption]
Revoking a certificate.| -revoke cert[-revoke_reason {unspecified|keyCompromise|caCompromised|affiliationChange|superseded|cessationofOperation|privilegeWithdrawn}]-cert_file ddname [-cert_format {pem|der}][-cert_db ddname]
Printing a certificate request.| -print request-request_file ddname [-request_format {pem|der}]
Printing a certificate.| -print cert-cert_file ddname [-cert_format {pem|der}]
Printing a certificate revocation list.| -print crl-crl_file ddname [-crl_format {pem|der}]
Printing a transport file.| -print transport-transport_file ddname [-transport_file_pwd password]
Verifying a certificate.| -verify cert-cert_file ddname [-cert_format {pem|der}]-ca_cert_file ddname [-ca_cert_format {pem|der}]-crl_file ddname [-crl_format {pem|der}]
ucert{ -help | -version }