zowe / zss

Zowe System Services Server for enabling low-level microservices
Eclipse Public License 2.0

Client certificate documentation #644

Open achmelo opened 11 months ago

achmelo commented 11 months ago

Is your feature or enhancement request related to a problem or limitation? Please describe

As a client of ZSS, I would like to authenticate using the client certificate. What are the requirements for such certificates?

Describe your enhancement idea

I would like to have the documentation that states what steps need to be taken before ZSS accepts my certificate. What does it mean in terms of authorization? Do I need to have permission in SAF to use certain callable services (as it is for JWT in some ESMs), or are these calls done by the server user?

jordanfilteau1995 commented 11 months ago

I've been using it with RACF during my testing. If you add the client certificate as personal to a userid, then the r_usermap service will correctly identify the userid associated with the client certificate validated in the TLS handshake. I haven't done any testing on TSS or ACF2 yet, but I imagine the steps are similar. I will circle back to this.

JoeNemo commented 11 months ago

Is this clear enough now for @achmelo to proceed? Do we need to meet?

jordanfilteau1995 commented 11 months ago

There should probably be better documentation, but I don't have time right now.