Making changes to an existing certificate, rename or change the certificate record name(CERTDATA record name) that is stored in the ACF2 database.

A certificate stored in the ACF2 database cannot be renamed. You can EXPORT the certificate to a z/OS dataset(use password if the certificate has a private key), DELETE the certificate from the ACF2 database, and then INSERT the certificate with the new name from the z/OS dataset. After doing the INSERT the certificate would need be reCONNECTed to any Keyring that the old named certificate was CONNECTed to. 

There is a TSO, ACF CHANGE command that can be used to make changes to certificates stored in the ACF2 database however only the following fields in the CERTDATA profile record can be changed: 

 active date - [active(date)] 

 expire date - [expire(date)] 

 label - [newlabel(label)] 

 trust status - [hitrust | trust | notrust]