Received a P7B file from a Certificate Authority, uploaded to a dataset with correct VB and LRECL.
ACF INSERT of P7B file, gets the ACF00178 INVALID CERTIFICATE DATA - FORMAT error error.

Viewing the z/OS dataset, shows the first line says BEGIN PCKS7 and NOT BEGIN CERTIFICATE.

Is the .P7B format supported by ACF2?

Release : 16.0

A PKCS7 Base64 encoded ASCII  X.509 digital certificate which is supported by the three ESMs(ACF2, TOP Secret and RACF), when browsed from a z/OS dataset should start with '-----BEGIN CERTIFICATE-----' and end with '-----END CERTIFICATE-----'. Based on the BEGIN PCKS7 and NOT BEGIN CERTIFICATE statements in the file and the ACF00178 message the .P7B file is not a supported z/OS ESM format.

There are two options to address the issue.

• Request a PKCS7 Base64 encoded ASCII  X.509 digital certificate from the Certificate Authority.
• Use Windows to convert the *.p7b file to a .cer Base64 encoded X.509 ASCII certificate. This can be done by using the Windows Certificate wizard to import the .P7B file and then EXPORT the imported certificate(s) in Base-64 encoded X.509(.cer) format.