Find If TSS Certificate From 'Download Server Certificate is being replaced' Critical Alert On System
search cancel

Find If TSS Certificate From 'Download Server Certificate is being replaced' Critical Alert On System

book

Article ID: 238907

calendar_today

Updated On:

Products

Top Secret

Issue/Introduction

The Broadcom Support Portal has a Critical Alert for 'Download Server Certificate is being replaced'. How do you find if this digital certificate is in Top Secret?

Environment

Release : 16.0

Component : Top Secret for z/OS

Resolution

To check if this certificate is in Top Secret, run the Top Secret CERTUTIL report with the following:

USER(CERTAUTH) DETAIL FIELDS(EXPIRE,SERIAL,SUBJECT)

If you see a certificate with the following in the output, then that is the Intermediate certificate that needs to be replaced (using the instructions in article 238330):

User - CERTAUTH Digicert - certname    Signed by:  None - No Record Found     
          Serial #  -     01FDA3EB6ECA75C888438B724BCFBC91                    
          Subject DN -    CN=DigiCert SHA2 Secure Server CA.O=DigiCert Inc.C=U
                          S                                                   
          Expire Date     2023/03/08                                          

Sample jcl for the CERTUTIL utility can be found in member CERTUTIL in the Top Secret r16 CAKOJCL0 library. The CERTUTIL utility is documented here:

CERTUTIL Utility

Powered by Wolken Software