The RACF PKISERV Sample Application
The PKISERV is a sample web application that uses RACF's digital certificate support to enable clients to create and retrieve certificates using a web browser. Requires OS/390 V2R10 with supporting PTFs. This application is intended to replace the IBM HTTP Server's CaServlet application which will no longer be shipped with the product as of Release 10.
The application is made up of sample REXX connector CGIs and an installation customizable configuration file. The end user interface is browser based static HTML pages. These are produced by the REXX CGIs by reading the configuration file. The user is required to have a RACF user ID and password for authentication. The User's (or application's) access to new and existing RACF FACILITY class profiles determine if the user is authorized to generate and retrieve certificates through this interface. Installation customizable certificate templates contained within the configuration file, control which fields are user customizable via the HTML dialogues.
PKISERV consists of these files:
You can download these files either by using your browser or by using anonymous file transfer protocol (ftp). From your browser, select "file" and "save as". For anonymous ftp, use the site public.dhe.ibm.com. PKISERV can be found in the directory /eserver/zseries/zos/racf/pkiserv/. After downloading the archive to your workstation, ftp it in binary to OS/390 and expand using the UNIX command "tar -xf pkiserv.tar". This will create a subdirectory called PKIServ in the current directory. Full installation instructions are in the pkiservReadMe.pdf file.
Licensed RACF customers are free to modify anything in the REXX scripts and/or the configuration file to suit their needs. However, it is strongly recommended that customization be limited to just the configuration file. The expected configuration file modifications are:
Clients should use either of the following web browsers:
This program contains code made available by IBM Corporation on an "AS-IS" basis. Any one receiving this program is considered to be licensed under IBM copyrights to use the IBM-provided code in any way he or she deems fit, including copying it and redistributing it, except that it may be neither sold nor incorporated within a product that is sold. No license under any IBM patents or patent applications is to be implied from this copyright license.
The software is provided "as-is", and IBM disclaims all warranties, express or implied, including but not limited to implied warranties of merchantibility or fitness for a particular purpose.
This page was last updated November 2003.