SSL keystore name (SSLKeyStoreName)

This optional property applies to TCP/IP connections only, and only when the SSLEnabled property is set to true. The value contains the name, including the full file path, of the keystore.

Private keys and their associated public key certificates are stored in password-protected databases called keystores. For convenience, trusted certificates can also be stored in the keystore. The SSLKeyStoreName property can either be empty or could point to the keystore file. If the SSLKeyStoreName or the SSKeyStorePassword property is empty, an informational message is generated in the server log.

For non-z/OS platforms, specify the fully-qualified path name of your JKS keystore file. An example of a fully-qualified path name of your JKS keystore file is c:\keystore\MyKeystore.ks.

For z/OS®, the SSLKeyStoreName property can be used to specify either a JKS keystore or a RACF® keyring. For a JKS keystore, specify the name with the full path of the JKS keystore file. For a RACF keyring, specify the string that provides the information needed to access the RACF keyring. An example of a RACF keyring is keystore_type;keyring_name;racfid.

The following examples show two RACF keyring specifications:
  • JCERACFKS;myKeyring;kruser01
  • JCE4758RACFKS;myKeyring;kruser01

On z/OS, if the SSLKeyStoreName matches the RACF keyring format, the IMS™ TM resource adapter uses the specified RACF keyring as its keystore. If the specified keystore type is anything other than JCERACFKS or JCE4758RACFKS, the IMS TM resource adapter attempts to interpret the SSLKeyStoreName that is specified as the name of a JKS keystore file.

The JKS file can have a file extension other than KS.


Feedback