At Broadcom we’ve have customers that have experienced similar issues and we’ve suggested the same workaround that Charles describes with no issues. The CSR generation functionality is platform dependent (ie RACF’s restriction) but the process is the same for all certs regardless of where they are initiated.
Matt Hogstrom “It may be cognitive, but, it ain’t intuitive." — Hogstrom > On Jun 8, 2023, at 11:29 AM, Charles Mills <[email protected]> wrote: > > Yes, you can generate a CSR, typically including multiple SANs, with OpenSSL > (any platform), gskkyman, or even on a CA Web site (or in the case of an > in-house CA, using their certificate management tools). > > Yes, you should be able to import that certificate when signed and its > private key into RACF. Check out RACDCERT IMPORT. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
