TSS1573I THE CERTIFICATE digicertname SIGNER NOT FOUND. ADDING CERTIFICATE WITH NO TRUST STATUS

Document ID : KB000053445
Last Modified Date : 14/02/2018
Show Technical Document Details

Description:

Installing a new certificate to the CERTSITE acid and receiving message:

TSS1573I THE CERTIFICATE digicertname SIGNER NOT FOUND. ADDING CERTIFICATE WITH NO TRUST STATUS

The following command was issued:

TSS ADD(CERTSITE) DIGICERT(digicertname) DCDSN(DSN) PKCSPASS(password) TRUST

Solution:

This message is issued, when you add a signed certificate back from a third party and it's signer is not yet on the CA Top Secret Security File.

If you add the personal certificate back to the acid, prior to adding the CA certificate to CERTAUTH, you will receive the TSS1573I message, because it cannot find the CA certificate.

After adding the CA cert to CERTAUTH, you need to replace NOTRUST with TRUST on the personal certificate with a:

TSS REPLACE(acid) DIGICERT(cert) TRUST

Please refer to the CA Top Secret Cookbook for more details about maintaining Digital Certificates in CA Top Secret.