EZD1140I

Explanation
 The subject name or one of the subject alternate
names in the certificate used  by the network security services (NSS)
server must match the Identity parameter on either the  NetworkSecurityServer
keyword or the NetworkSecurityServerBackup keyword of the IkeConfig
 statement.   
 The Internet Key Exchange (IKE) daemon will
not use network security services and will not be  available for remote
management until the condition is resolved.

System action
 The IKE daemon will periodically try to connect
to the server specified by the NetworkSecurityServer keyword and the
server specified by the NetworkSecurityServerBackup keyword as configured
using the NssWaitLimit and  NssWaitRetries keywords of the IkeConfig
statement.  See the information about the IKE daemon in z/OS Communications Server: IP Configuration
Reference for more information about  these keywords.

Operator response
 Contact the system programmer.

System programmer response
 Check the NetworkSecurityServer keyword
or the NetworkSecurityBackup keyword of the IkeConfig  statement.
 See the information about the IKE daemon in z/OS Communications Server: IP Configuration
Reference for more information about these keywords.
 If these  keywords are configured correctly, check the certificate
used by the NSS server.  The certificate subject name or one of the
certificate  subject alternate names must match the configured identity.
See the information about the IPSec Certificate
management in z/OS Communications Server: IP Configuration
Guide  for more information about managing NSS
server certificates.

User response
 Not applicable.

Problem determination
 Not applicable.

Source
 z/OS® Communications
Server TCP/IP: IKE daemon

Module
 Not applicable.

Routing code
 10

Descriptor code
 12

Example
  Not applicable.