- The ACF2 GENCERT command supports the ALtname parameter which specifies the IP, DOMAIN, EMAIL, or URI values for the subjectAltName extension. One or more of the values can be specified however multiple entries of the same type are not supported, for example two DOMAIN or two IP values cannot be specified but one DOMAIN, one IP, one EMAIL and one URI value can be specified in the ALTNAME parameter.
- The correct separator character to use within the ALTNAME parameters IP, DOMAIN, EMAIL, or URI of GENCERT is a blank.
Certificates that need more than one value in type DOMAIN can be created with an application such as the gskkyman utility, openSSL, Keytool or through the use of an External Certificate Authority. Those certificates can then be INSERTed or IMPORTed into the ACF2 security database.