Doing an insert of a certificates, I get message: ACF6D075 The signing certificate is not a Certificate Authority certificate.

book

Article ID: 40270

calendar_today

Updated On:

Products

CA ACF2 CA ACF2 - DB2 Option CA ACF2 for zVM CA ACF2 - z/OS CA ACF2 - MISC CA PanApt CA PanAudit

Issue/Introduction

Problem:

 

I am trying to insert 3 new certificates.

Cert #1 is self signed ( Root cert) 

Cert #2 is signed by Cert #1 (I am calling this Intermediate #1) 

Cert #3 is signed by Cert #2 (This is the Cert that when we do the insert we get MSG - ACF6D075 The signing certificate is not a Certificate Authority certificate. 

The certificate is inserted without TRUST.

 

Resolution:

Cert #3 was not signed by a CA (Certificate Authority)  A true CA, like Verisign or GoDaddy, etc, do an investigation into the requests to prove who they say they are, they really are.  A self-signed does not go through that process, so it is not trusted and ACF2 can see that on the insert. So it is up to you to decide if this certificate can be trusted. Since you know what you did and have not passed off the information where it could be corrupted or stolen, you know it is trusted so you add the TRUST parm. 

 

CHANGE cert.auth TRUST

Environment

Release:
Component: ACF2MS