Question:
After INSERTing new certifiactes and KEYRING is there a ACF2 REFRESH or REBUILD required to activate the new profile records?
Answer:
Certificate(CERTDATA profile records) do not need to be activated after insertion,
modification, generation, or deletion. Each command handles updating the
in-core storage used by certificate processing. However KEYRING profile data records
need to be activated after insertion or changes, use the following console command to
activate a newly created or changed KEYRING profile data record:
f acf2,rebuild(usr),class(p),division(keyring)
f acf2,omvs
Additional Information:
Details on ACF2 Keyring and Certificates can be found in the CA ACF2 for z/OS Administration Guide in
Chapter 3: Maintaining Logonid Records sections 'KEYRING Profile Data Records' and 'CERTDATA Profile Data Records'.