With the RACF (SAF) classes enabled and configured, the setup process can continue with token generation, binding of certificate, and Identity Token Support permission configuration. Within the PROCLIB library are example batch jobs to support these steps. There is also a consolidated member in the PROCLIB library named $SETUP which contains all steps together.
Token Creation – TRDGTOKN
Teradata provides the program TRDGTOKN to support token creation, deletion, and listing.
The program supports the following functions/parms:
- CREATE=TERADATA.TTU.PKCS11.TOKEN,APPLID=RACFJWT
- DELETE=TERADATA.TTU.PKCS11.TOKEN
- LIST=TOKEN
It is necessary to use the TRDGTOKN program to create your token. This should be performed by a user within the security officer role. Within member STEP1 in the PROCLIB library you will find a sample batch job that performs these functions.
You must not change the token name or the APPLID.