ACF2 Cannot delete record - RECORD WAS TARGET OF GENREQ COMMAND

book

Article ID: 210454

calendar_today

Updated On:

Products

CA ACF2 CA ACF2 - MISC CA ACF2 - z/OS

Issue/Introduction

Attempting to delete a certificate that was GENREQ'd creates the following message, why is this?

Cannot delete record - RECORD WAS TARGET OF GENREQ COMMAND

Resolution

Once a GENCERT of a certificate is performed, ACF2 will prevent deletion of the certificate so the private key is not lost. If the intent is not to send the CSR to be signed and re-INSERTed on top of the certificate that was GENREQ'd, the protection mechanism can be overridden as follows:

ACF
SET PROFILE(USER) DIV(CERTDATA)
DELETE userid.suffix FORCE

The FORCE parameter allows the deletion of a certificate that was GENREQ'd.