Receiving "INVALID CERTIFICATE DATA _ CA CHAIN DATE ERROR" when trying to install a new certificate (PKCS12 format) in ACF2. 

Release : 16.0

Component : ACF2 for z/OS

The signing certificate dates must have to be within the date range of certificate it's signing.

The CHKCERT data shows the issue with two certificate dates. As an example, the signing certificate "Not valid after date" is 2024/09/23, while the certificate it's signing "Not valid after" date is 2030/12/05.

ACF2 is working as designed and checking the valid dates for signing certificate chain.

There are two options to fix this:

1. Get a PKCS12 package with valid signing chain from external CA

2. Get a personal server cert in a package of its own to insert in ACF2