IBM Crypto Education Community

 View Only

 Key Distribution call - CSNDT34D - PKI-NONE rule

Mark Vollmer's profile image
Mark Vollmer posted Tue October 29, 2024 09:06 AM

In this call, had I omitted the PKI-NONE rule, where would ICSF expect to find the CA certificates to validate with?   Perhaps the PKDS file?   And if yes, would it search the entire file looking for a CA that would work?  

I've read that we should enter the CA certificates through the TKE terminal.  I do not have such a terminal.  Where would TKE store the certificates we introduce through that interface?  

Is there a ICSF call that I can make in a batch program that would do the same thing?

Sincerely,