CA Top Secret Security for z/OS - MVS DB information.

Document ID : KB000048466
Last Modified Date : 14/02/2018
Show Technical Document Details

Description:

Is it possible to use a CA Top Secret r15.0 Security DB (VSAM File) in a CA Top Secret r14.0 Region?

Solution:

CA Top Secret r15.0 requires the VSAM Security File Extension be used with the regular (BDAM) Security File.

If you will be using Top Secret r15.0 to setup the VSAM Security File Extension, you can share a r15.0 created Security File with r14.0, or back-out r15.0 to r14.0 using the r15.0 created Security File, if, one of the following is true:

  1. You do not have a Certificate with a large SDN (Subject's Distinguished Name) or SN.IDN (Serial Number and Issuer's Distinguished Name).

    ...or:

  2. If you have a Certificate with a large SDN (Subject's Distinguished Name) or SN.IDN (Serial Number and Issuer's Distinguished Name), the following r14.0 maintenance must be

    APPLY'd:
    RO22826
    RO22243
    The best thing to do for this, is, APPLY the Support for z/OS v1.12 which includes the Long Name Support.

For more information on setting up the VSAM Security File Extension:

  • For CA Top Secret r15.0, see the r15.0 'Installation Guide', chapter 7, section titled 'Creating the Security File', subsection titled 'Create the VSAM File' and Appendix A, section titled 'Convert SDT Records to VSAM'.

  • For CA Top Secret r14.0, see the r14.0 'Installation Guide', chapter 4, section titled 'Create the Security File', subsection titled 'Create the VSAM File (Optional)' and Appendix B, section titled 'Convert SDT Records to VSAM')

If you are sharing the SECFILE and using a VSAM Companion File, you will need to create the AIX File, which is also mentioned in the 'Installation Guide' under 'Creating the SECFILE' section.

If you will be using CA Top Secret r14.0 to set up the VSAM Security File, once the VSAM Security File has been set up per the 'Installation Guide', youcan share between Top Secret r14.0 and r15.0.