The below GENCERT command specifying a KEYSIZE of 4096 fails with ACF68001 The SIZE value specified is invalid message.
GENCERT TEST.CERT1 -
LABEL(TEST.CERT1) -
SUBJ(CN='abcd.com' -
O='Broadcom' -
OU='AB' -
L='Lisle' -
S='Chicago' -
C='IL') -
EXPIRE(12/31/30) -
PCICC -
SIZE(4096) -
PKDSLBL(CSF.PKDS.LABEL)
Release : 16.0
The OPTS KEYSIZE parameter needs to be changed to 4096 for GENCERT to work with high strength key:
SET C(GSO)
CHANGE OPTS KEYSIZE(4096)
F ACF2,REFRESH(OPTS)
LIST OPTS