Express Logon (ELF)
1. Follow - Create an HFS KEYRING File
2. Follow - Create a Self-signed Certificate if a Trusted CA is Not Available
3. Follow - Create a Server Certificate
4. Follow - Create a Client Certificate
5. Add EXPRESSLOGON to the TelnetParms block
6. SETR CLASSACT(PTKTDATA)
7. RDEF PTKTDATA TSOSYS1 SSIGNON(KEYMASKED(E001193519561977)) UACC(NONE) APPLDATA(‘NO REPLAY PROTECTION’)
a. KEYMASKED can be any combination of 16 hexadecimal characters.
b. TSOSYS1 is TSO concatenated with the value of SID in SMFPRMxx if VTAM generic resource naming is not being used. If VTAM generic resource naming is being used, see z/OS V1R4.0 Security Server RACF Security Administrator’s Guide, 7.13.3.1 Determining Profile Names.
c. A passticket expires in 10 minutes, to make it expire after signing on add: APPLDATA(‘NO REPLAY PROTECTION’).
Related Links
Enable SSL on z/OS (Parent Topic)