Re: The new requirement for Certificates to communicate with IBM -- A Journey

Mon, 12 Jun 2023 15:04:37 -0700 

Thank you Charles.

you have just spelled out every single step that I have already performed.  The 
named labels, the download steps (Only the new Intermediate was required)., the 
upload steps, the Cert adds (yes trusted).  the keyring connect to the same 
keyring used for the last successful loads.
I have gone further to display the cert by the long character string value.  
and displayed the cert only to have it tell me "Incomplete" but not why.

It is annoying when you do the same thing that used to work.. that you have 
been assured WILL work.... and it DOES NOT work.

For those of you playing the home game.  Here are some RACF displays

=-=-=-=
racdcert CERTAUTH list(label('GLOBALG2.TLS.RSA.SHA256.#2020CA1'))          
                                                                           
Digital certificate information for CERTAUTH:                              
                                                                           
  Label: GLOBALG2.TLS.RSA.SHA256.#2020CA1                                  
  Certificate ID: 2QiJmZmDhZmjgcfT1sLB08fyS+PT4kvZ4sFL4sjB8vX2S3vy8PLww8Hx 
  Status: TRUST                                                            
  Start Date: 2021/03/29 20:00:00                                          
  End Date:   2031/03/29 19:59:59                                          
  Serial Number:                                                           
       >0CF5BD062B5602F47AB8502C23CCF066<                                  
  Issuer's Name:                                                           
       >CN=DigiCert Global Root G2.OU=www.digicert.com.O=DigiCert Inc.C=US<
                                                                           
  Subject's Name:                                                          
       >CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1.O=DigiCert Inc.C=US< 
                                                                           
  Signing Algorithm: sha256RSA                                             
  Key Usage: CERTSIGN                                                      
  Key Type: RSA                                                            
  Key Size: 2048                                                           
  Private Key: NO                                                          
  Ring Associations:                                                       
   Ring Owner: TECH999    
   Ring:                  
      >SMPEKeyring<       
=-=-=-=-
racdcert id(TECH999) listring(SMPEKeyring)                            
                                                                      
Digital ring information for user TECH999:                            
                                                                      
  Ring:                                                               
       >SMPEKeyring<                                                  
  Certificate Label Name             Cert Owner     USAGE      DEFAULT
  --------------------------------   ------------   --------   -------
  DigiCert Global Root CA            CERTAUTH       CERTAUTH     NO   
                                                                      
  DigiCert Global Root G2            CERTAUTH       CERTAUTH     NO   
                                                                      
  SMPE Client Certificate            ID(TECH999)    CERTAUTH     NO   
                                                                      
  GLOBALG2.TLS.RSA.SHA256.#2020CA1   CERTAUTH       CERTAUTH     NO   
=-=-=-=-

I am beginning to suspect some new evil is afoot in the land of Java -- 
complete with unhelpful cryptic error messages.

----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [email protected] with the message: INFO IBM-MAIN

Reply via email to