To share a certificate with multiple users, it must be owned by CERTSITE.

How do you change ownership to CERTSITE?

1. EXPORT the certificate 

TSS EXPORT(USERA) DIGICERT(USERCERT) DCDSN(dataset) FORMAT(PKCS12DER) PKCSPASS(USERCERT) 

2. Verify EXPORT was sucessfull 

TSS CHKCERT DCDSN(datasetname) PKCSPASS(USERCERT) 

3. Delete the certificate from the security file 

TSS REM(USERA) DIGICERT(USERCERT) 
 
4. Add certificate back under new owner 

TSS ADD(CERTSITE) DIGICERT(USERCERT) DCDSN(datasename) PKCSPASS(USERCERT) LABLCERT('USERA Certificate')  TRUST 
 

5. Re-add certificate back to the keyrings it is needed on.

TSS ADD(started_task_acid) KEYRING(keyringname) RINGDATA(CERTSITE,digicertname) USAGE(PERSONAL) DEFAULT 

started_task_acid - Substitute the appropriate acid for your started tasks applications that need the certificate.

keyringname - Substitute the keyring name.

digicertname - Substitute the digicertname you used for the certificate you moved to CERTSITE.