Oops, my bad, did not read that last entry, you tried SITE. Let me go check my notes and try again.
Al Nims Systems Admin/Programmer 3 Information Technology University of Florida (352) 273-1298 -----Original Message----- From: IBM Mainframe Discussion List [mailto:[email protected]] On Behalf Of [email protected] Sent: Wednesday, April 22, 2015 9:09 AM To: [email protected] Subject: Alter TRUST status on a certificate All, I am new to this certificate stuff. I have inherited this certificate in my RACF data base (apparently the only one that has a private key somewhere, no ICSF in use, and I have all RACF privileges): Label: WebSphereCA Certificate ID: 2QiJmZmDhZmjgeaFguKXiIWZhcPB Status: TRUST Start Date: 2009/11/12 07:00:00 End Date: 2019/01/01 06:59:59 Serial Number: >00< Issuer's Name: >CN=WAS CertAuth for Security Domain.OU=BBNBASE< Subject's Name: >CN=WAS CertAuth for Security Domain.OU=BBNBASE< Key Usage: CERTSIGN Key Type: RSA Key Size: 1024 Private Key: YES Ring Associations: *** No rings associated *** I want to change the trust status to NOTRUST, which I currently don't see a way (rlist digtcert tells me it has application data=irrcerta): racdcert alter(label('Websphere CA')) notrust -> IRRD105I No certificate information was found for user myuserid. racdcert alter(label('Websphere CA')) notrust id(irrcerta) -> IRRD102I The user ID specified is not defined to RACF (same for IBMUSER, which was the id it was installed under) racdcert alter(label('Websphere CA')) notrust certauth -> IRRD107I No matching certificate was found for this user. (Is this irrcerta? If so, why isn't it found?) racdcert alter(label('Websphere CA')) notrust site -> IRRD105I No certificate information was found for user irrsitec. How do I address this certificate? Barbara ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
