Certificates and keyrings are deleted when a user is deleted - is this correct or a bug?
Release : 16.0
It is correct that certificates and keyrings will be deleted when a user that owns the keyring and certificates is deleted.
When you create a certificate that has a HLQ the same as a logonid it gets "associated" with that logonid.
List a logonid ..
ACF
LIST logonid PROFILE(ALL)
END
You will see something like this...
USERA USERA USERA
COMPANY() DEPT() IDNUM() LEVEL() LOCATION() OLDLID()
OWNER() OWNTYPE() POSITION() PROJECT() SITE()
CERTDATA /USERA.CERT
CERTNSER(0000000000000001) ISSUERDN(CN=USERA)
KEYSIZE(2,048) LABEL(USERA.CERT) SERIAL#(00)
SUBJDN(CN=USERA) TRUST
Certificate is connected to the following key rings:
Key ring record: USERA.RING
Key ring name:
USERA.ring
KEYRING / USERA.RING
DEFAULT(USERA.CERT) RINGNAME(USERa.ring)
The following certificates are connected to this key ring:
CERTDATA record Label Usage
----------------- -------------------------------- --------
USERA.CERT USERA.CERT PERSONAL
OMVS / USERA HOME(/u/usera) OMVSPGM(/bin/sh) UID(55,609)
When you delete the logonid record it will also delete all profile records that are also owned by the user, including certificates and keyrings.