When INSERTing a Certificate PKCS #12 package which includes the CA chain of certificates, how do I prevent the addition of duplicate CA Certificates if the CA Certificates already exist?

Document ID : KB000014926
Last Modified Date : 14/02/2018
Show Technical Document Details
Question:

When INSERTing a Certificate PKCS #12 package which includes the CA chain of certificates, how do I prevent the addition of duplicate CA Certificates if the CA Certificates already exist?

Answer:

When INSERTing a PKCS #12 package which includes the CA chain of certificates there is no duplication of the Root and Intermediate certificates. If the Root and Intermediate certificates already exist just the LAST CHANGED date of the Root and Intermediate certificates is updated. ACF2 INSERT will not allow for duplicate certificates, based on the same serial number and issuer's distinguishedname. If the CA certificate(s) do not exist the CA certificates will be inserted with a record id and label in the CERTAUTH.AUTOnnn format, where the nnn is a number between 0 and 1000.