>What I cannot find is the name or source of this unnamed thing. Name: IBM uses certificates with chains ending in two different DigiCert roots with very similar names. This is a source of confusion.
DigiCert Global Root CA DigiCert Global Root G2 Someone else posted with servers use which. Get the right one! Where to get them: Google <digicert root download>. Find the one you want. Click "Download pem." Open it in a text editor on your PC. It should look like -----BEGIN CERTIFICATE----- MIIFZDCCA0ygAwIBAgIQBs7hMb5tVcgH98DH+0TmIDANBgkqhkiG9w ... -----END CERTIFICATE----- Copy and Paste that into an ISPF edit session. Save it in a dataset (NOT a PDS member; a real QSAM dataset -- VB 255 is good.) Do not edit it in any way. The BEGIN and END lines must remain there. Then do a RACDCERT ADD with CERTAUTH and TRUST. The most convenient keyring is *AUTH*/* which is a "virtual" keyring that automagically contains all CERTAUTH certificates. Charles On Mon, 12 Jun 2023 00:09:43 -0500, Tom Longfellow <tom.longfel...@courts.state.md.us> wrote: >Thanks Charles. > >I have come to the same conclusion that I am missing an "appropriate" >certificate. > >What I cannot find is the name or source of this unnamed thing. And sometimes >when I find appropriate certs I am presented with barriers to acquiring them. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
