SSLCALISTLOC= System Option

Specifies the location of digital certificates for trusted certification authorities (CA).
Client: required
Server: optional
Valid in: Configuration file, OPTIONS statement, SAS System Options window, SAS invocation, SAS/CONNECT spawner command line
Category: Communications: Networking and Encryption
PROC OPTIONS GROUP= Communications
Operating environment: UNIX, z/OS
Tip: When additional encryption options are specified on the spawner command line, the options must be included in the -SASCMD value. The spawner does not automatically pass the encryption values. For detailed information about -SASCMD, see Starting the UNIX Spawner in Communications Access Methods for SAS/CONNECT and SAS/SHARE and Options to Start the z/OS Spawner in Communications Access Methods for SAS/CONNECT and SAS/SHARE.
SSL for a SAS/CONNECT UNIX Spawner: Example

SSL on a z/OS Spawner on a SAS/CONNECT Server: Example

Syntax

SSLCALISTLOC=“file–path

Syntax Description

file-path
specifies the location of a file that contains the digital certificates for the trusted certification authority (CA).

Details

The SSLCALISTLOC= option identifies the certification authority that SSL should trust. This option is required at the client because at least one CA must be trusted in order to validate a server's digital certificate. This option is required at the server only if the SSLCLIENTAUTH option is also specified at the server.
The CA list must be PEM-encoded (base64). Under z/OS, the file must be formatted as ASCII and must reside in a UNIX file system.