IBM Z and LinuxONE IBM Z

  • 1.  HOD/Trusted CAs/Mac OS/X

    IBM Champion
    Posted Mon September 28, 2020 03:23 PM
    Hello,

    We are in the process of implementing TLS for our TSO sessions.  We are using self-signed certificates.  On HOD for Mac OS/X this apparently isn't working because our CA isn't in the "trusted list" (662).

    There appears to be documentation on how to add these certificates or CAs for a Windows and Linux system, but not for Mac.  Can somebody describe the process for Mac OS/X or point me to documentation on how to do so?

    Thanks,
    Scott Fagen



  • 2.  RE: HOD/Trusted CAs/Mac OS/X

    Posted Tue September 29, 2020 12:02 PM
    We have a Java keystore file named CustomizedCAs.jks containing the signer certificate, and store it in /Applications/HostOnDemand/lib . The password for the keystore must be hodpwd

    There is some more information at How to make server certificates available to Host On-Demand clients for JSSE TLS support about it. The article does talk about using HOD's certificate management tool, but the file can be created using the standard Java keytool utility as well.

    ------------------------------
    Peter Kidwell
    Application Architect, IBM CIO
    ------------------------------



  • 3.  RE: HOD/Trusted CAs/Mac OS/X

    Posted Thu October 05, 2023 11:22 AM

    I'd like to open this up again due to the fact that there's no simple solution for Mac users on how to add the certificates for HOD. The instructions listed above don't have any solutions for the Mac OS. Is there anyone that has found a way to simplify for Mac?



    ------------------------------
    John Lee
    ------------------------------