There is a need to have the list of RDNs supported which is used to tell the difference between two certificates. Certificates may have some of the RDNs identical, but not all.
Recognized relative Distinguished Names (RDNs) are supported in the SUBJECTN field of the TSS GENCERT command. They are:
C, CN,DC, E, L, M, O, OU, PC, S/SP/ST, T, STREET , and UID.
Note: You can only use one out of the three prefixes S, SP and ST in the TSS GENCERT command.
SSL supports the following RDNs:
CN Common name
DC Domain component
E E-mail address
EMAIL E-mail address (preferred)
EMAILADDRESS E-mail address
O Organization name
OU Organizational unit name
PC Postal code
S State or province
SN Family name
SP State or province
ST State or province (preferred)
For CA Top Secret r15.0, refer to CA Top Secret for z/OS Cookbook; Chapter #5 Digital Certificates --> General Rules to ave more details about TSS GENCERT command.
For CA Top Secret r16.0 go to docops.ca.com site; signon; choose your product CA Top Secret for z/OS - 16.0; click on "Using" link; then click on "Digital Certificates" link; then click on "Generate a Digital Certificate and Add It to an User" to have more information about TSS GENCERT command.