What are the considerations  if the KEYSIZE in the ACF2 GSO OPTS is changed ? Are the existing certificates affected if the KEYSIZE in the GSO OPTS is changed from 2048 to 4096 ?

Release:
Component: ACF2MS

The KEYSIZE option defined in the OPTS record limits the size of a key pair that is created using the GENCERT or REKEY commands. The values of this option may be 2048 or 4096 The GSO OPTS record KEYSIZE sets the upper limit on the GENCERT or the REKEY. The size of the certificate key can only be set when the certificate is created . So changing the GSO OPTS will have no effect on existing certificates. The only other consideration is that all LPARs that share the databases must have the be at an ACF2 level(ACF2 r14 or above) that can support certificates with a 4096 bit key size.

More information about the KEYSIZE and other options can be found in the following link: CA ACF2 Options Specifications (OPTS)