Preparing to Configure Certificate Express Logon

Before you configure an Certificate Express Logon macro, you need to have the following information.
  • Host application name

    Name of the host application the user is logging onto. For example, the name entered on the USSMSG10 screen.

  • Host access application ID

    This name must match the RACF® PTKTDATA (Passticket Data Profile) application name that is configured on the OS/390® (V2R10 or later) or z/OS® host. This name could be the same as the application name that the user is logging onto (for example, the name on USSMSG10). When creating PTKTDATA profiles for applications such as TSO, the application name portion of the profile will most likely not be the same. For example, RACF requires that the application ID portion of the profile name be TSO+SID. Refer to OS/390 V2R10.0 SecureWay Security Server RACF Security Administrator's Guide or z/OS V1R1.0 SecureWay Security Server RACF Security Administrator's Guide to determine the correct profile naming.

  • User ID and password for the application that you are logging on to.

    During macro recording, the actual user ID and password are used. They are not recorded in the macro; only the predefined substitute strings are recorded in the macro. The Telnet 3270 server replaces the predefined substitute strings with the actual user ID and password during the logon process.

  • Client Security Certificate
    The security certificate for the client must be stored in RACF using the RACF RACDCERT command.
    • For information about using digital certificates with RACF, refer to the following books:
      • For OS/390, refer to OS/390 V2R10.0 SecureWay Security Server RACF Security Administrator's Guide and OS/390 V2R10.0 SecureWay Security Server RACF Command Language Reference.
      • For z/OS, refer to z/OS V1R1.0 SecureWay Security Server RACF Security Administrator's Guide and z/OS V1R1.0 SecureWay Security Server RACF Command Language Reference.
    • For information about configuring DCAS to use RACF certificates, refer to the following books:
      • For OS/390, refer to OS/390 V2R10.0 IBM Communication Server IP Migration.
      • For z/OS, refer to z/OS V1R1.0 IBM Communication Server IP Migration.
Parent topic: Certificate Express Logon