Hi,
To solve this problem, you can extract the server (z/OS host)'s certificate by using OpenSSL following these steps (run these commands in Terminal):
cd /Applications/HostOnDemand/lib
openssl s_client -showcerts -connect host_name:992 </dev/null | sed -n -e '/-.BEGIN/,/-.END/ p' > certname.pem
openssl x509 -outform der -in certname.pem -out certname.der
cd "/Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/bin"
./keytool -import -file /Applications/HostOnDemand/lib/certname.der -alias "certname" -keystore /Applications/HostOnDemand/lib/CustomizedCAs.jks -storepass hodpwd
NOTE: option -storepass hodpwd is mentioned in https://w3.ibm.com/w3publisher/siw-connection-information/host-on-demand
Regards,
------------------------------
JAMES GUAN
------------------------------
Original Message:
Sent: Thu October 05, 2023 11:23 AM
From: John Lee
Subject: No solution for creating certificates on HOD for Mac OS
Hi,
I am looking for a solution on how to create trusted certificates on HOD for Mac OS. The current solution is to import the CAs from a Windows user in order to use it on Mac, but I would like to find a solution to create the CAs directly from my Mac OS instead of asking for them from our Windows users. Has anyone found an easy work around for this?
------------------------------
John Lee
------------------------------