After INSERTing new certifiactes and KEYRING is there a ACF2 REFRESH or REBUILD required to activate the new profile records?
Certificate(CERTDATA profile records) do not need to be activated after insertion,
modification, generation, or deletion. Each command handles updating the
in-core storage used by certificate processing. However KEYRING profile data records
need to be activated after insertion or changes, use the following console command to
activate a newly created or changed KEYRING profile data record:
Details on ACF2 Keyring and Certificates can be found in the CA ACF2 for z/OS Administration Guide in
Chapter 3: Maintaining Logonid Records sections 'KEYRING Profile Data Records' and 'CERTDATA Profile Data Records'.