docs-site
docs-site copied to clipboard
zowe
Issue with docs.zowe.org/stable/user-guide/configure-certificates
Description
Pages to Update
It says
Zowe supports using either file-based (PKCS12) or z/OS key ring-based (when on z/OS) keystores and truststores, and can reuse compatible stores if they exist. Zowe can assist in creating the stores by either generating certificates or by allowing users to import their own compatible certificates via the zwe init certificate command.
I believe that PKCS12 (or .pem) files are not considered very secure - but you need to check with the security people. Anyone with super user authority can access this .pem file, and so steal your private key.
If you use a keyring, you have to explicity grant someone access to the keyring to be able to use it - and give them control/update access to the ring to be able to use any private key on the ring.
Take our Certificates Configuration Questionnaire to assist with determining which configuration scenario and associated zowe.yaml format best suits your use case.
broken link
