Hi Sunny
I’ve only recently been getting involved on this forum hence the late response on this - If you’ve managed to resolve this already, please post your findings too as I’m curious if anything has changed.
I had implemented RACF at a client some time back with TLS: this is what I recall in response to your questions:
Yes - the documentation does seem outdated and I imagine you will need to use the new either PUT or PATCH update source API calls. put-source | SailPoint Developer Community
update-source | SailPoint Developer Community
The encryptionKey needs to be produced within the Mainframe and exported as a key file which will be referenced here. The RACF team should be able to do this but this document might help, though I am not 100% certain:
https://www.ibm.com/docs/it/om-shared?topic=SSAUBV/com.ibm.itm.doc_6.2.3/zconfigtems87.html
The keystore will be a custom keystore file that needs to be generated using a keytool utility, I believe this is also done on the Mainframe: https://www.ibm.com/docs/en/semeru-runtime-ce-z/11?topic=guide-ibmzsecurity
The keystore will need to be exported from RACF and then imported on the VA to the /home/sailpoint/certificates folder.
Hope that helps