Creating certificates on z/OS

(SPE2501)

You can use the BMC AMI Enterprise Connector for Venafi UI to create certificates on z/OS. 

Before you begin

To use the web browser interface, you must configure an HTTPServer statement in BMC AMI Resident Security Server. To configure an HTTPServer statement, see "Server member (SRVSYS1)" in Sample RSS configuration parameters. For more information about the HTTP server parameters, see "Server member configuration parameters (SRVSYS1)" in RSS server configuration parameters.

Related topics

Using

To log on to EC for Venafi

Your system might vary depending on the installed products.

  1. In a web browser, enter https://systemName:port, substituting the values as determined by your product installation and RSS configuration.

  2. In the BMC AMI Security Logon window, enter your TSO user ID and password, and click Log On.
    The Product Selection menu is displayed.

    Important

    If you do not have the required level of authority to log on to RSS, your connection might be rejected, even if your user ID and password are correct.

  3. Click the EC for Venafi Launch button.
    The EC for Venafi dashboard displays the list of EC for Venafi agents running on your system.
    (SPE2410)The footer of the EC for Venafi UI displays information such as the current user ID, the product name, and the current release and version details.

Using the menus and buttons

You can use the menus and buttons at the top of the dashboard to perform the following actions:

Menu/Button

Action

System

Display a table listing your agent systems or agent software versions.

Keyrings

Display a table listing your key rings with detailed information or a summary of your key rings.

Certificates

Display a table listing your certificates.

Menu

Return to the Product Selection menu.

Log Off

Exit EC for Venafi and the BMC AMI Security product group, and return to the BMC AMI Security Logon window.

To copy or download a table

You can copy and download the any of the tables by using the dashboard buttons as follows:

Action

Task

To copy a table to the clipboard

Click Copy.

To download the table as a spreadsheet

Click XLSX.

To download the table as plain text

Click CSV.

To download the table as a PDF

Click PDF.

Important

If you click any of these buttons after performing a sort or search on the table, then the download or copy actions are performed only on the search results and not on the whole table.

To locate a specific agent, key ring, or certificate

  1. Navigate to the table containing the item that you want to locate.
  2. Use the Search box under the Copy, XLSX, CSV, and PDF buttons to locate the specific item in the table.

To filter a table

You can filter information by column content.

  1. Click the box in the header row of the column you want to filter.
  2. Enter a full or partial character string for the item you want to filter for.
    The table excludes all other items except for those that match the string you entered.

You can use this feature with the Search box under the Copy, XLSX, CSV, and PDF buttons

To view a certificate

  1. In the All Certificates window, click Select in the Action column to the left of the table row containing the certificate that you want to view.
  2. Click View Cert.
    The View Certificate window opens, displaying the details of the selected certificate.

To delete a certificate

  1. In the All Certificates window, click Select in the Action column to the left of the table row containing the certificate that you want to delete.
  2. Click Delete Certificate.
    The Delete Certificate window opens, confirming deletion of the selected certificate.

To copy a certificate to another LPAR

(SPE2410)

  1. In the All Certificates window, click Select in the Action column to the left of the table row containing the certificate that you want to copy.
  2. Click Copy Certificate.
    The Specify the target LPAR for the copy window opens.
  3. Enter the name of the target LPAR.
  4. Click Submit.

    • If the certificate owner does not exist on the specified LPAR, EC for Venafi records an error message in the RSVLmmdd log file.

      Example for TSS
      TSS0314E  ACID DOES NOT EXIST
    • If the copy action is successful, the certificate is exported to a PKCS #12 data set that is sent to and imported into the target LPAR. After the certificate is copied, the PKCS #12 data set is deleted.

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*