Creating z/OS Passticket Data Profiles

After SSL has been set up on the host, prepare data profiles for applications that will use the Express Logon Feature (ELF). Be certain to identify and save the Application ID (for reference when you create your start-up macros).

To create z/OS Passticket data profiles for applications
  1. At the host, run the following command for each application. In this example, the application name is represented as APPNAME and a generic value is used for KEYMASKED.

    RDEF PTKTDATA APPNAME SSIGNON (KEYMASKED(01F2F3F4F5F6F7)) UACC(NONE)

    Note RACF requires the APPNAME for the TSO application to be a concatenation of TSO and the system ID string, for example:
    TSOSID1
  2. After you have created a profile for each application, type the following command at the server to make the profiles available to the system:

    SETR RACLIST(PTKTDATA) REFRESH

  3. Check the TCP.PROFILES file on the server. To define a secure port, the KEYRING SAF, CLIENTAUTH SAFCERT and the EXPRESSLOGON parameters must be present in the TELNETPARMS section, as shown in the following example. Depending on your certificate provider, other parameters may also be required.
    TELNETPARMS
        SECUREPORT 523 KEYRING SAF MYRINGNAME
        CLIENTAUTH SAFCERT
        EXPRESSLOGON
    ENDTELNETPARMS
    
  Attachmate