Question:
Why do I see the word GENREQ when I display a digital certificate in the ca acf2 database?
Answer:
When a GENREQ request is issued to create a signing request for a user certificate, the word
GENREQ will be added to the display until the signed certificate is entered in the database.
The procedure to follow when creating a certificate and getting it signed is as follows.
1) Enter a GENCERT command to create the certificate (e.g. GENCERT USER01.CERT)
2) Enter a GENREQ command to create a CSR (Certificate Signing Request)
It will be written to a dataset. (e.g. GENREQ USER01.CERT DSN(output.dataset)
When you browse the certificate in the database, it will have GENREQ added.
3) Send the CSR to a signing authority (e.g. Verisign)
4) The returned file will contain a signed certificate.
5) issue an ENTER command in ACF2 to insert the certificate back into the database
ACF
SET PROFILE(USER) DIV(CERTDATA)
INSERT USER01.CERT DSN(signed.cert.dataset)
END
This procedure will insert the signed certificate on top of the self signed certificate
in the ACF2 database.
When you browse the original certificate on the database, the GENREQ will not be there.
.
-