When INSERTing a Certificate PKCS #12 package which includes the CA chain of certificates, how do I prevent the addition of duplicate CA Certificates if the CA Certificates already exist?

book

Article ID: 14926

calendar_today

Updated On:

Products

CA ACF2 CA ACF2 - DB2 Option CA ACF2 for zVM CA ACF2 - z/OS CA ACF2 - MISC CA PanApt CA PanAudit

Issue/Introduction



When INSERTing a Certificate PKCS #12 package which includes the CA chain of certificates, how do I prevent the addition of duplicate CA Certificates if the CA Certificates already exist?

Environment

Release:
Component: ACF2MS

Resolution

When INSERTing a PKCS #12 package which includes the CA chain of certificates there is no duplication of the Root and Intermediate certificates. If the Root and Intermediate certificates already exist just the LAST CHANGED date of the Root and Intermediate certificates is updated. ACF2 INSERT will not allow for duplicate certificates, based on the same serial number and issuer's distinguishedname. If the CA certificate(s) do not exist the CA certificates will be inserted with a record id and label in the CERTAUTH.AUTOnnn format, where the nnn is a number between 0 and 1000.