Thanks Mark. The problem is maybe with the English language. Only one word for 'label'.
I think I understand better now. Tom -----Original Message----- From: The IBM z/VM Operating System [mailto:[EMAIL PROTECTED] Behalf Of Mark Cibula Sent: Friday, May 09, 2008 8:51 AM To: [email protected] Subject: Re: Coding the port statement in the TCPIP profile. Hello Thomas and Suleiman, I believe the confusion over label length (and other characteristics) has= arisen due to not considering the type of certificate. For a CA certificate, the label can be as Thomas cited -- up to 200 characters in length, can be mixed-case, and can contain blanks. A SERVER certificate= label (that is/will be specified for securing a port) is restricted to 8 characters in length (this stems from the fact that the file name of the X509INFO file -- used for the *server* certificate request -- is used as = the server certificate label). Since both server and CA certificates need to be 'received' to a CMS file= prior to being stored in the SSL server certificate database, I understan= d the opportunity for confusion... The key here (no pun intended) is to b= e aware of the type of certificate - server or CA -- that one is dealing wi= th. I hope this information helps clarify things... Regards, Mark Cibula; z/VM TCP/IP Support
