Sharing KEYRINGs across multiple CPUs or LPAR

Document ID : KB000096823
Last Modified Date : 17/05/2018
Show Technical Document Details
Introduction:
Can you share KEYRINGs across multiple CPUs or LPAR
Question:
Can you share a keyring against multiple LPARs or CPUs?

Is that method recommended? 
Answer:
Sharing the same keyring name across multiple systems is a matter of choice. Its not wrong or right., but they have disadvantages advantages. 

Using the same keyring name and certificate across multiple systems make administration easier. Not having to remember each keyring name for each system and which certificate belongs where. 

The drawback is, what happens if someone steals the certificate. They will be able to use it to establish and SSL connection. They will still need credential to logon to the FTP server, but that is one layer of security they no longer have to deal with. They have multiple angles of attack since multiple systems share the certificate. 

You need to weigh the pros and cons to best fit your needs.