When I browse a Digital certificate on the ACF2 database I see the word GENREQ. What does this mean?
search cancel

When I browse a Digital certificate on the ACF2 database I see the word GENREQ. What does this mean?

book

Article ID: 44067

calendar_today

Updated On:

Products

ACF2 ACF2 - DB2 Option ACF2 for zVM ACF2 - z/OS ACF2 - MISC PanApt PanAudit

Issue/Introduction

Question:

Why do I see the word GENREQ when I display a digital certificate in the ca acf2 database?

 

Answer:

When a GENREQ request is issued to create a signing request for a user certificate, the word
GENREQ will be added to the display until the signed certificate is entered in the database.

The procedure to follow when creating a certificate and getting it signed is as follows.

1) Enter a GENCERT command to create the certificate (e.g. GENCERT USER01.CERT)

2) Enter a GENREQ command to create a CSR (Certificate Signing Request)
    It will be written to a dataset.  (e.g. GENREQ USER01.CERT DSN(output.dataset)
    When you browse the certificate in the database, it will have GENREQ added.

3) Send the CSR to a signing authority (e.g. Verisign)

4) The returned file will contain a signed certificate.

5) issue an ENTER command in ACF2 to insert the certificate back into the database

    ACF
    SET PROFILE(USER) DIV(CERTDATA)
    INSERT USER01.CERT DSN(signed.cert.dataset)
    END

 

This procedure will insert the signed certificate on top of the self signed certificate
in the ACF2 database.

When you browse the original certificate on the database, the GENREQ will not be there. 

.

 

 

 

   

Environment

Release:
Component: ACF2MS

Resolution

-