IBM Z and LinuxONE IBM Z

Back to discussions
Expand all | Collapse all

No solution for creating certificates on HOD for Mac OS

  • 1.  No solution for creating certificates on HOD for Mac OS

    Posted Thu October 05, 2023 11:24 AM

    Hi,

    I am looking for a solution on how to create trusted certificates on HOD for Mac OS. The current solution is to import the CAs from a Windows user in order to use it on Mac, but I would like to find a solution to create the CAs directly from my Mac OS instead of asking for them from our Windows users. Has anyone found an easy work around for this?



    ------------------------------
    John Lee
    ------------------------------


  • 2.  RE: No solution for creating certificates on HOD for Mac OS

    Posted Wed November 01, 2023 12:39 PM

    Hi, 

    To solve this problem, you can extract the server (z/OS host)'s certificate by using OpenSSL following these steps (run these commands in Terminal):

    cd /Applications/HostOnDemand/lib
          openssl s_client -showcerts -connect host_name:992 </dev/null | sed -n -e '/-.BEGIN/,/-.END/ p' > certname.pem
          openssl x509 -outform der -in certname.pem -out certname.der

    cd "/Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/bin"
          ./keytool -import -file /Applications/HostOnDemand/lib/certname.der -alias "certname" -keystore /Applications/HostOnDemand/lib/CustomizedCAs.jks -storepass hodpwd

    NOTE: option -storepass hodpwd is mentioned in https://w3.ibm.com/w3publisher/siw-connection-information/host-on-demand

    Regards,



    ------------------------------
    JAMES GUAN
    ------------------------------

    Original Message