Your Cryptographic Coprocessor uses the EID to verify which Coprocessor created a key token. It uses the clock for time and date stamping and to control whether a profile can log on.
Your Coprocessor stores the EID as an identifier. The easiest and fastest way to set the EID is to use the Cryptographic Coprocessor configuration web-based utility found off of the System Tasks page at http://server-name:2001. The utility includes the Basic configuration wizard that is used when the Coprocessor is in an un-initialized state. If the Coprocessor already has been initialized, then click on Manage configuration and then click on Attributes to set the EID.
If you would prefer to write your own application to set the EID, you can do so by using the Cryptographic_Facility_Control (CSUACFC) API verb. Two example programs are provided for your consideration. One of them is written in ILE C, while the other is written in ILE RPG. Both perform the same function.
Your Cryptographic Coprocessor copies the EID into every PKA key token that your Coprocessor creates. The EID helps the Coprocessor identify keys that it created as opposed to keys that another Coprocessor created.
The Coprocessor uses its clock-calendar to record time and date and to determine whether a profile can log on. The default time is Greenwich Mean Time (GMT). Because of its function, you should set the clock inside your Coprocessor before removing the default role's capability of setting it.
The easiest and fastest way to set the clock is to use the Cryptographic Coprocessor configuration web-based utility found off of the System Tasks page at http://server-name:2001. The utility includes the Basic configuration wizard that is used when the Coprocessor is in an un-initialized state. If the Coprocessor already has been initialized, then use click on Manage configuration and then click on Attributes to set the clock.
If you would prefer to write your own application to set the clock, you can do so by using the Cryptographic_Facility_Control (CSUACFC) API verb.