I had a problem creating a digital certificate to use for authentication to a non-z/OS server platform.
We are in the process of adding a number of certificates that will be used for authentication between the mainframe and servers and need to know how to create them correctly so we can establish a standard to create working certificates in a predictable way.
When creating the certificate in CA Top Secret with the TSS GENCERT command, the DIGICERT and LABEL keyword values did not match an other certificate. However, the Distinguished Name value in SUBJECTN keyword, the server name, did.
I was only able to add the certificate after removing it from the ACID that already had the same SUBJECTN value.
What determines whether a certificate is a duplicate?