RACF digital certificates have a LABEL, up to 32 characters. I'm trying to avoid adding a cert and getting one or more LABELnnnnnnnn certs. For example, a CHECKCERT on a z/OS dataset shows three certs, each not showing a label, chain is complete. My experience is when I add 'the' cert file to RACF, it will successfully add the top cert, and also add the other two certificates, typically intermediate and root 'signing' certs, with labels LABELnnnnnnnn naming convention. That is not what I desire, so I delete the two new LABELnnnnnnnn, if I catch it. If not, I have clutter.
My experience is I run one RACDCERT ADD, I get three, the other two are junk. Is there a conventional RACF method to just add the desired certificate? Not the others in the chain? Push back to cert file provider to have ONLY one cert in the z/OS dataset? Continue to catch the two junk/clutter certs and delete after the single ADD? Something else/better? Thanks... - Matt ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
