TSS0940I Duplicate Certificate Detected. But It Isn't.

Document ID : KB000047103
Last Modified Date : 14/02/2018
Show Technical Document Details




-The CA Top Secret command CHKCERT executed against the DSN containing the digital certificate shows that it is unknown. 

-Nevertheless, when we try to add that digital certificate to CA Top Secret, we receive the following message: TSS0940I DUPLICATE CERTIFICATE DETECTED along with its serial number.

-Going further the SAFCRRPT report also shows that this digital certificate is unknown. 

-This is occurring when we ADD and REMOVE the same digital certificate many times.





-z/OS 2.1; CA Top Secret r15.0




-Depending on the amount of ADD/REMOVE rate, it might happen that the CA Top Secret in core tables are out of synchronization. 
-Issue the TSS MODI SYNCH to rebuild the in core tables then the digital certificate can be added back to CA Top Secret.


Additional Information: 


-For CA Top Secret r15.0, refer to CA Top Secret for z/OS Control Options Guide; Chapter #2 Specific Control Options --> SYNCH


-For CA Top Secret r16.0, go to docops.ca.com site. Sign-in, select Using --> Specifying Control Options to Modify Your Security Environment --> SYNCH