Previous topic |
Next topic |
Contents |
Contact z/OS |
Library |
PDF
428 z/OS Cryptographic Services System SSL Programming SC14-7495-00 |
|
428 Key entry does not contain a private key. ExplanationThe key entry does not contain a private key or the private key is not usable. This error can also occur if the private key is stored in ICSF and ICSF services are not available, if using a SAF key ring that is owned by another user, if the private key size is greater than the supported configuration limit or the application is executing in FIPS mode. Certificates that are meant to represent a server or client must be connected to a SAF key ring with a USAGE value of PERSONAL and either be owned by the user ID of the application or be SITE certificates. This error can occur when using z/OS® PKCS #11 tokens if the user ID of the application does not have appropriate access to the CRYPTOZ class. This error can occur when using private keys associated with user certificates in a SAF key ring that is owned by another user if the user ID of the application does not have appropriate access to the ringOwner.ringName.LST resource in the RDATALIB class. User responseEnsure that the ICSF started task is started before the application if the private key is stored in ICSF. When using z/OS PKCS #11 tokens, ensure that the user ID has appropriate access to the CRYPTOZ class. If executing in FIPS mode, ensure that the certificate that is being used does not have its private key stored in ICSF. |
Copyright IBM Corporation 1990, 2014
|