DFHAM4928 E applid Install of {TCPIPSERVICE | CORBASERVER | IPCONN | URIMAP} resourcename failed because the specified certificate attname {is expired | is not yet current | does not have a private key | is not trusted | is not found}.
Explanation
Resource resourcename cannot be installed because the specified certificate is unusable. An explanatory phrase in the message describes why:
- is expired
-
The date and time at which the certificate is no longer valid has already passed.
- is not yet current
-
The date and time at which the certificate is to become active has not yet been reached.
- does not have a private key
-
The specified certificate does not have a private key. SSL with client authentication is only possible if you possess the private key associated with the certificate.
This error may occur if the user does not have access to the private key due to a lack of authority to access IRR.DIGTCERT.GENCERT.
- is not trusted
-
The certificate has been given the NOTRUST attribute by the security administrator. This indicates that the certificate is not to be used.
- is not found
-
The certificate is not found.
System action
The resource is not installed.
User response
Replace the certificate in the keyring with one that is usable, or specify a different certificate.
For a message insert of 'does not have a private key' check the system log for RACF messages that indicate a lack of authority to access IRR.DIGTCERT.GENCERT.
Module
DFHAMPXMEOUT parameters/Message inserts
- applid
- Value chosen from the following options:
7=TCPIPSERVICE, 8=CORBASERVER, 9=IPCONN, 10=URIMAP - resourcename
- attname
- Value chosen from the following options:
1=is expired, 2=is not yet current, 3=does not have a private key, 4=is not trusted, 5=is not found
Destination
Console and Terminal End User