Top Secret or the other security software (ACF2 , RACF) do not support genning multiple altname segment for a digital certificate. Other clients that needed this functionality needed to go to an outside CA to obtain the certificate.
Once the CA supplied the certificate they were then able to add it to Top Secret. (CA = Certificate Authority)
Genning a certificate request via GSKKYMAN with two domains.
These are the steps:
1. GSKKYMAN - gen a request with two domains
2. export the request PK10 to MVS
3. Use the PK10 as input for a GENCERT - will need a signing certificate
TSS GENCERT(CERTSITE) DIGICERT(XXXXX) DCDSN(PK10 file) signwith(xxxx,yyyy)
You should now have a certificate with two domains.
4. Add the certificate to the keyring, both the new one (two domain) and the signer.