The present invention provides a method, system, and computer program product for enabling a user to provide a single system sign-on for accessing one or more legacy host applications and/or one or more systems which provide legacy host data (such as legacy database systems) during a secure host access session which is authenticated using a digital certificate and is protected by a host-based security system, such as RACF (Resource Access Control Facility, a product offered by the IBM Corporation), where the same set of credentials must be provided more than once during the secure session. The subsequent provision of the credentials may be transparent to the user, and does not require change to existing legacy applications or systems.