TSS0472E INVALID PRIVATE KEY SIZE      

book

Article ID: 193173

calendar_today

Updated On:

Products

CA Top Secret CA Top Secret - LDAP CA Web Administrator for Top Secret

Issue/Introduction


TSS GENCERT(CERTSITE) DIGICERT(CEMCERT) SIGNWITH(CERTAUTH,SYS5TSS)     SUBJECTN('C=US, O=CA, CN=mvsde29.lvn.broadcom.net') 
          KEYUSAGE('CERTSIGN DOCSIGN') KEYSIZE(4096)                                                                 

Receives a:

TSS0472E INVALID PRIVATE KEY SIZE                                                                                          

 

Environment

Release : 16.0

Component : CA Top Secret for z/OS

Resolution

KEYSIZE 4096 is supported by certain key types which is mentioned in the manual.

The signing cert also needs to have keysize of 4096.

If the keysize of the signing cert is not 4096, you will either need to use and existing one already out there or create a new one.