The z/OS administrator must configure DCAS so it can communicate with the MSS Administrative Server. In addition, certain configuration steps are necessary in RACF.
The administrator must also create a TLS key database file that contains both the DCAS client’s certificate information and the DCAS server's certificate (public key) information. The MSS Administrative Server and DCAS must exchange public keys and place them in the other's trusted store.
The basic configuration steps include:
Configure RACF services for DCAS.
Configure DCAS and TLS on the z/OS mainframe.
Set up key exchange between the DCAS server and TLS.
Manage keys and certificates using RACF's Common key ring support.
Define a PassTicket profile for each application.
Configure the DCAS server.
Start the DCAS server.
For detailed steps, see Appendix A: Configuring DCAS and RACF on z/OS.