Running CSM2ZOSM to migrate SMPCSI to zOSMF, received "Certificate is expired or is not valid" error.
***************************************************************
** About to get zones for CSI predix.CSI
** Following target zones found: "CAIT0"
***************************************************************
** z/OSMF Software Instance Single REST API Call (Begin) **
User defined values:
ZosmfUri = https://xxxxxxx.xxx.xxxxxxxx.xxx
ZosmfUser = user01
ZosmfPw = xxxxxxxx
SafKeyRing = izusvr/IZUKeyring.IZUDFLT
AddJson = : "name": "SYST", "system": "SYST", "description": "Migrated from CA
CSM", "globalzone": "prefix.CSI", "targetzones": : "CAIT0" : :
*ERROR* (hwthconn) at time: 16:29:55
Rexx RC: 0, Toolkit ReturnCode: 262
DiagArea.Service: 1441793
DiagArea.ReasonCode: 401
DiagArea.ReasonDesc: Certificate is expired or is not valid yet
** hwthconn failure **
ERROR Connection to the Server Failed
***
The digital certificate information to be associated to zOSMF server need to be checked :
TSS LIST(zosmf server acid) DIGICERT(digicert name)
DIGICERT = digicert name ACCESSORID = zosmf server acid
ADMIN BY= BY(acid ) SMFID(sysetm) ON(08/06/2020) AT(13:58:21)
LABEL = label_name
STATUS = TRUST
SERIAL# = 02
ISSUER DISTINGUISHED NAME:
.CN=common-name.OU=organizational-unit-name
SUBJECT DISTINGUISHED NAME:
CN=HOST NAME.OU=organizational-unit-name.O=organizational-name
PRIVATE KEY SIZE = 1024
PRIVATE KEY TYPE = RSA
ALGORITHM = sha-1WithRSAEncryption
NOT BEFORE = 2020/08/06 00:00:00 UTC
NOT AFTER = 2021/05/17 23:59:59 UTC
Check the validity dates specified in "NOT BEFORE" and "NOT AFTER" to verify that the certificate is valid.
If the date is out of range and the certificate is not valid, REMOVE and GENCERT the valid certificate.
TSS REMOVE(zosmf server acid) DIGICERT(digicert name)
TSS GENCERT(zosmf server acid) DIGICERT(digicert name) -
SUBJECTN('CN="HOST NAME" OU="organizational-unit-name" O="organizational-name"') -
LABLCERT('label_name') -
SIGNWITH(acid,digicert) -
NADATE(05/17/23)