Note on usage
Function: Show properties of RSA keys
User group: FT administrator
This command must be called under TSO.
Functional description
You can use the FTSHWKEY command to output the properties of RSA keys. You can display the RSA keys of your own instance as well as the RSA keys of partners.
Format
FTSHWKEY |
SELECT = *ALL / *OWN / *PARAMETERS (...) *PARAMETERS(...) PARTNER-NAME = *ALL / <name 1..8> ,EXPIRATION-DATE = *NOT-SPEC IFIED / *NONE / *EXCEEDED / *UNTIL(DATE = <date 8..10>) / *WITHIN(DAYS = <integer 1..1000>) ,OUTPUT = *STDERR (...) / *STDOUT(...) *STDERR (...) / *STDOUT(...) LAYOUT = *STD / *CSV |
Operands
SELECT =
Selects which keys are to be displayed.
SELECT = *ALL
Displays the keys of your own instance and the installed keys of all the partner systems.
SELECT = *OWN
Displays the keys of your own instance.
SELECT = *PARAMETERS(...)
Specifies selection criteria for the keys which are to be displayed.
PARTNER-NAME =
Partner whose key is to be displayed.
PARTNER-NAME = *ALL
Displays the installed keys of all partners.
PARTNER-NAME = <name 1..8>
Name of the partner whose key is to be displayed.
EXPIRATION-DATE =
Selects keys on the basis of their expiration date.
EXPIRATION-DATE = *NOT-SPECIFIED
The keys of the partners are displayed irrespective of their expiration date.
EXPIRATION-DATE = *NONE
Displays all partner keys that do not have an expiration date.
EXPIRATION-DATE = *EXCEEDED
Displays all partner keys that have already expired.
EXPIRATION-DATE = *UNTIL(...)
Displays all partner keys that will become invalid by a particular date.
DATE=<date 8...10>
Date in the format yyyy-mm-dd or yy-mm-dd, e.g. 2018-03-31 or 18-03-31 for March 31, 2018, by which date the keys will become invalid. The time on the specified day is 00:00 local time.
EXPIRATION-DATE = *WITHIN(...)
Displays all partner keys that will expire within the specified number of days.
DAYS = <integer 1...1000>
Number of days within which the keys will become invalid. The time on the last day of the period is 00:00 local time.
OUTPUT =
Output medium for the requested information.
OUTPUT = *STDERR (...)
Output is written to SYSTSPRT or to SYSERR if this DDNAME is defined. When the command is called from a Unix or Windows system using ftexec, ftexec writes the output there to stderr.
OUTPUT = *STDOUT(...)
Output is written to SYSPRINT. When the command is called from a Unix or Windows system using ftexec, ftexec writes the output there to stdout.
LAYOUT = *STD
Output takes place in a format which is easy for the user to read.
LAYOUT = *CSV
Output takes place in Character Separated Values format. This is a table-type format which is widely used, especially in the PC environment, and in which the individual fields are separated by a semicolon “;“ (see section “FTSHWKEY”).
Example
|
Explanation:
CRE-DATE
Date on which the key was generated.
EXP-DATE
Date on which the key expires. The time on the specified day is 00:00 local time. EXPIRED means that the key has already expired.
If there is no specification here then there is no expiration date.
KEY-LEN
Key length in bits: 768, 1024 or 2048
KEY-REF
Key reference
AUTHL Authentication level: 1 or 2
PARTNER
Partner’s name. This field is left empty for keys belonging to your own instance.
IDENTIFICATION
Partner’s instance ID. This field is left empty for keys belonging to your own instance.