How does CA Top Secret determine if a duplicate certificate exists on the security file.
I had a problem creating a digital certificate to use for authentication to a non-z/OS server platform.
We are in the process of adding a number of certificates that will be used for authentication between the mainframe and servers and need to know how to create them correctly so we can establish a standard to create working certificates in a predictable way.
When creating the certificate in CA Top Secret with the TSS GENCERT command, the DIGICERT and LABEL keyword values did not match an other certificate. However, the Distinguished Name value in SUBJECTN keyword, the server name, did.
I was only able to add the certificate after removing it from the ACID that already had the same SUBJECTN value.
What determines whether a certificate is a duplicate?
Release: TOPSEC00200-15-Top Secret-Security
The following determines whether the certificate is a duplicate:
You can have a duplicate LABLCERT as long as the owning acids are different.
USERA has a DIGICERT name of CERTA with LABLCERT(JOE) and USERB has a DIGICERT name of CERTB with LABLCERT(JOE).