Managing SSL security and certificates

You can make the connection between z/OS® Explorer and your systems more secure by using the Secure Sockets Layer (SSL).

1. Use the appropriate method to open the Preferences window:
   • Windows or Linux: Click Window > Preferences on the workbench menu bar.
   • OS X: Click IBM Explorer for z/OS > Preferences on the main menu.
2. Expand Explorer and click Certificate management.
3. Clear the checkbox Disable certificate management for secure connections.
4. In the Trust store details section field, enter the full path and file name of the file where the certificates are saved. You can also click Browse to navigate to the file.
5. In the Pass phrase field, enter the password for this truststore. The default passphrase for the z/OS Explorer generated file is changeit.
6. In the Store type field, select the format of the keystore file. The type of the z/OS Explorer generated file is JKS
7. To use the same file for both keystore and truststore, select the check box Use same details as for trust store. To use a different file, leave the check box cleared and enter the path and file name of the keystore, and the passphrase.
8. In the Smart card details field, select Use Windows cryptography services for the Windows operating system, which uses the standard Windows cryptography mechanism. To use a PKCS11 driver (mandatory on Mac OS and Linux operating systems), select Use PKCS11 driver and specify the driver path and PIN.
9. If you are instructed by your network administrator, select the correct protocol for your organization in the Secure socket protocol field.
10. Click Apply and OK to save your settings and close the window.