Each profile in the DIGTCERT class contains a digital certificate and information related to the certificate. The APPLDATA field contains the RACF® user ID associated with this digital certificate. The UACC contains the status of the certificate. When a certificate's status is set to TRUST, the initACEE callable service allows the certificate to be mapped to the RACF user ID contained in the APPLDATA field.

Important: Do not enable generic profile checking for the DIGTCERT class by issuing the SETROPTS GENERIC(DIGTCERT) or SETROPTS GENERIC(*) command. Some classes, such as DIGTCERT and DIGTRING, do not support generic profile checking. These and other classes might already have profile names that contain generic characters (*, &, and %). If a class already has profile names that contain generic characters, avoid issuing the SETROPTS GENERIC(classname) command for that class. Enabling generic profile checking for such a class prevents RACF from using previously defined profiles that contain generic characters in the name.