75 lines
6.0 KiB
HTML
75 lines
6.0 KiB
HTML
<?xml version="1.0" encoding="UTF-8"?>
|
|
<!DOCTYPE html
|
|
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
|
<html lang="en-us" xml:lang="en-us">
|
|
<head>
|
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
|
<meta name="security" content="public" />
|
|
<meta name="Robots" content="index,follow" />
|
|
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
|
|
<meta name="DC.Type" content="concept" />
|
|
<meta name="DC.Title" content="Reinitialize the Cryptographic Coprocessor" />
|
|
<meta name="abstract" content="If you set up your Cryptographic Coprocessor incorrectly, you can end up with an unusable configuration with which you cannot perform any cryptographic functions and cannot use any of the APIs to recover. For example, you can configure it such that you have no role authorized to set the master key and no role authorized to change or create new roles or profiles. You can call the hardware command for reinitializing the card by using the Cryptographic_Facility_Control (CSUACFC) SAPI." />
|
|
<meta name="description" content="If you set up your Cryptographic Coprocessor incorrectly, you can end up with an unusable configuration with which you cannot perform any cryptographic functions and cannot use any of the APIs to recover. For example, you can configure it such that you have no role authorized to set the master key and no role authorized to change or create new roles or profiles. You can call the hardware command for reinitializing the card by using the Cryptographic_Facility_Control (CSUACFC) SAPI." />
|
|
<meta name="DC.Relation" scheme="URI" content="rzajctroubleshooting.htm" />
|
|
<meta name="DC.Relation" scheme="URI" content="rzajcreinittxtc.htm" />
|
|
<meta name="DC.Relation" scheme="URI" content="rzajcreinittxtrpg.htm" />
|
|
<meta name="DC.Relation" scheme="URI" content="rzajchardware.htm" />
|
|
<meta name="copyright" content="(C) Copyright IBM Corporation 2006" />
|
|
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2006" />
|
|
<meta name="DC.Format" content="XHTML" />
|
|
<meta name="DC.Identifier" content="reinitializing" />
|
|
<meta name="DC.Language" content="en-us" />
|
|
<!-- All rights reserved. Licensed Materials Property of IBM -->
|
|
<!-- US Government Users Restricted Rights -->
|
|
<!-- Use, duplication or disclosure restricted by -->
|
|
<!-- GSA ADP Schedule Contract with IBM Corp. -->
|
|
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
|
|
<link rel="stylesheet" type="text/css" href="./ic.css" />
|
|
<title>Reinitialize the Cryptographic Coprocessor</title>
|
|
</head>
|
|
<body id="reinitializing"><a name="reinitializing"><!-- --></a>
|
|
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
|
|
<h1 class="topictitle1">Reinitialize the Cryptographic Coprocessor</h1>
|
|
<div><p>If you set up your Cryptographic Coprocessor incorrectly, you can
|
|
end up with an unusable configuration with which you cannot perform any cryptographic
|
|
functions and cannot use any of the APIs to recover. For example, you can
|
|
configure it such that you have no role authorized to set the master key and
|
|
no role authorized to change or create new roles or profiles. You can call
|
|
the hardware command for reinitializing the card by using the Cryptographic_Facility_Control
|
|
(CSUACFC) SAPI.</p>
|
|
<p>However, in some cases, there may not be a role that is authorized
|
|
to any hardware command. In this case, you must reload the Licensed Internal
|
|
Code by using the function that is provided in Hardware Service Manager in
|
|
System Service Tools.</p>
|
|
<div class="section"><h4 class="sectiontitle">Updating the Licensed Internal Code in the Cryptographic Coprocessor</h4><div class="p">Loading
|
|
the Licensed Internal Code in your Cryptographic Coprocessor erases the master
|
|
key, all private keys, and all roles and profiles that are stored in your
|
|
Cryptographic Coprocessor. Because of this, the server does not automatically
|
|
load PTFs for the Licensed Internal Code in the Cryptographic Coprocessor,
|
|
and the PTFs always require action on your part to enable them. Before you
|
|
load the Licensed Internal Code, take appropriate actions to ensure that you
|
|
can recover, such as ensuring that you have a hard copy of your master key.
|
|
<div class="note"><span class="notetitle">Note:</span> If you randomly generated your master key, you will need to clone that
|
|
key into a second Cryptographic Coprocessor. If you do not, you will lose
|
|
all your encrypted keys when you reinitialize your Cryptographic Coprocessor.</div>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
<div>
|
|
<ul class="ullinks">
|
|
<li class="ulchildlink"><strong><a href="rzajcreinittxtc.htm">Example: ILE C program for reinitializing the Cryptographic Coprocessor</a></strong><br />
|
|
Change this program example to suit your needs for reinitializing your Cryptographic Coprocessor.</li>
|
|
<li class="ulchildlink"><strong><a href="rzajcreinittxtrpg.htm">Example: ILE RPG program for reinitializing your Cryptographic Coprocessor</a></strong><br />
|
|
Change this program example to suit your needs for reinitializing your Cryptographic Coprocessor.</li>
|
|
</ul>
|
|
|
|
<div class="familylinks">
|
|
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzajctroubleshooting.htm" title="Use these troubleshooting methods to tackle some of the basic problems that may occur with your Cryptographic Coprocessor. If the troubleshooting information does not address your problem, contact your service representative.">Troubleshoot the Cryptographic Coprocessor</a></div>
|
|
</div>
|
|
<div class="reltasks"><strong>Related tasks</strong><br />
|
|
<div><a href="rzajchardware.htm" title="Hardware service manager is a tool for displaying and working with system hardware from both a logical and a packaging viewpoint, an aid for debugging Input/Output (I/O) processors and devices, and is also used to reinitialize the Cryptographic Coprocessor (set it back to an un-initialized state).">Use the Hardware Service Manager</a></div>
|
|
</div>
|
|
</div>
|
|
</body>
|
|
</html> |