i want to use gencert to create a user certificate. What will be used as the SUBJDN if I do not specify one?
search cancel

i want to use gencert to create a user certificate. What will be used as the SUBJDN if I do not specify one?

book

Article ID: 24492

calendar_today

Updated On:

Products

ACF2 ACF2 - DB2 Option ACF2 for zVM ACF2 - z/OS ACF2 - MISC PanApt PanAudit

Issue/Introduction

What is used as a default for SUBJDN in a GENCERT command if one is not specified?

 

 

 

Environment

Release:
Component: ACF2MS

Resolution

The CA ACF2 Administrator's guide - Chapter 25 Digital Certifate Support states that the default SUBJDN(subject's distinguished name) is generated with CN='ACF2 USER:logonid'

Using this example..

GENCERT JDOE1.CERT 

If no subject dn is specified on the gencert CA ACF2 will use the name field from the logonid record.
e.g. SUBJDN(CN=JOHN DOE)

 If there is no name field in the logonid record CA ACF2 will use CN='ACF2 USER:logonid'. 
in this example SUBJDN(CN=ACF2 USER:JDOE1)


this format will also be used if the logonid record does not exist in the ACF2 database.
SUBJDN(CN=ACF2 USER:JDOE1)

 

Powered by Wolken Software