/****************************************/ /* */ /* RENEW Internal CA Certs */ /* */ /****************************************/ /****************************************/ /* Links */ /****************************************/ SAFCRRPT Certificate Utility Parameters: https://techdocs.broadcom.com/us/en/ca-mainframe-software/security/ca-top-secret-for-z-os/16-0/reporting/certificate-utility.html RENEW command documentation: https://techdocs.broadcom.com/us/en/ca-mainframe-software/security/ca-top-secret-for-z-os/16-0/administrating/issuing-commands-to-communicate-administrative-requirements/command-functions/renew-function-renew-a-digital-certificate.html /****************************************/ /* TOP SECRET */ /****************************************/ /* BATCH */ //TSSBATCH EXEC PGM=IKJEFT01,REGION=0M //SYSTSPRT DD SYSOUT=* //SYSTSIN DD * TSS CHKCERT DCDSN('USER1.CERTTOM') TSS RENEW(USER1) DIGICERT(USR1TEST) NADATE(12/30/30) TSS EXPORT(USER1) DIGICERT(USR1TEST) DCDSN('USER1.CERTTOM2')- FORMAT(PKCS7DER) TSS CHKCERT DCDSN('USER1.CERTTOM2') /* /* OUTPUT */ TSS CHKCERT DCDSN('USER1.CERTTOM') THIS CERTIFICATE IS REGISTERED WITH CA-TOP SECRET DIGICERT = USR1TEST ACCESSORID = USER1 ADMIN BY= BY(USER1 ) SMFID(XXXX) ON(03/04/2021) AT(08:43:19) LABEL = USER1 Cert STATUS = TRUST SERIAL# = 01 ISSUER DISTINGUISHED NAME: .CN=TestInterCert.OU=MyCo.C=US SUBJECT DISTINGUISHED NAME: CN=USER1TEST.OU=MyCo.C=US PRIVATE KEY SIZE = 1024 PRIVATE KEY TYPE = RSA ALGORITHM = sha-1WithRSAEncryption NOT BEFORE = 2021/03/04 00:00:00 UTC NOT AFTER = 2022/03/04 23:59:59 UTC TSS0300I CHKCERT FUNCTION SUCCESSFUL READY TSS RENEW(USER1) DIGICERT(USR1TEST) NADATE(12/30/30) TSS0300I RENEW FUNCTION SUCCESSFUL TSS1624I CERTIFICATE USR1TEST HAS BEEN ADDED TO USER USER1 READY TSS EXPORT(USER1) DIGICERT(USR1TEST) DCDSN('USER1.CERTTOM2') FORMAT(PKCS7DER) TSS0300I EXPORT FUNCTION SUCCESSFUL TSS1625I USER1 CERTIFICATE USR1TEST HAS BEEN PLACED IN USER1.CERTTOM2 TSS1625I CERTAUTH CERTIFICATE TSTINTER HAS BEEN PLACED IN USER1.CERTTOM2 TSS1625I CERTAUTH CERTIFICATE TSTROOT HAS BEEN PLACED IN USER1.CERTTOM2 READY TSS CHKCERT DCDSN('USER1.CERTTOM2') THIS CERTIFICATE IS REGISTERED WITH CA-TOP SECRET DIGICERT = USR1TEST ACCESSORID = USER1 ADMIN BY= BY(USER1 ) SMFID(XXXX) ON(03/11/2021) AT(08:29:06) LABEL = USER1 Cert STATUS = TRUST SERIAL# = 04 ISSUER DISTINGUISHED NAME: .CN=TestInterCert.OU=MyCo.C=US SUBJECT DISTINGUISHED NAME: CN=USER1TEST.OU=MyCo.C=US PRIVATE KEY SIZE = 1024 PRIVATE KEY TYPE = RSA ALGORITHM = sha-1WithRSAEncryption NOT BEFORE = 2021/03/11 00:00:00 UTC NOT AFTER = 2030/12/30 23:59:59 UTC TSS0300I CHKCERT FUNCTION SUCCESSFUL READY END