When encountering problems setting up digital certificates and keyrings. What documentation is usually required to diagnose the problem?

Document ID : KB000026651
Last Modified Date : 30/08/2018
Show Technical Document Details
Introduction:

Question:

When encountering problems setting up digital certificates and keyrings. What documentation is usually required to diagnose the problem?

Description:

Typically when a site contacts CA-ACF2 support regarding problems related to digital certificates there is specific documentation that is requested to diagnose the problem.

Answer:

The following list describes the documentation that is typically requested when diagnosing problems related to digital certificates and keyrings.

  1. The Server log showing the error messages related to the KEYRING/certificates.
  2. A LIST of the KEYRING that is being used, for example:

    ACF
    SET PROFILE(USER) DIVISION(KEYRING)
    LIST userid.suffix
  3. A CHKCERT DUMP of each certificate in the KEYRING, for example:

    ACF
    CHKCERT userid.cert DUMP
  4. The application's parameter list specification that points to the KEYRING.
  5. Any violations in the ACFRPTRV report for the resource class FACILITY that are related to the failing application.
  6. ACF2 OMVS SECTRACE, this must be set prior to the start of the application STC. The ACF2 UNIX System Service (OMVS) SECTRACE output default destination is the system console.

    To set OMVS SECTRACE from the console:

    SECTRACE SET,ID=mytrace,TYPE=OMVS,FUNC=ALL,END

    To delete/disable the OMVS SECTRACE after re-creating the problem from the console:

    SECTRACE DELETE,ID=mytrace
Instructions:
Please Update This Required Field