IKYS010I   Profile for key ring or default certificate or private key not found

Explanation

PKI Services is attempting to retrieve data from the SAF key ring specified by the KeyRing value in the SAF section of the pkiserv.conf file. The key ring specified does not appear to be set up properly. Possible problems are:
  • Key ring is empty.
  • CA certificate in the key ring not connected as PERSONAL DEFAULT.
  • CA certificate in key ring has no private key.
  • User ID assigned to the PKI Services daemon has insufficient authority to read the key ring or private key.

System action

PKI Services stops.

System programmer response

Ensure that the SAF key ring and the certificate stored in it are correct. For more information, see Running IKYSETUP to perform RACF administration and z/OS Security Server RACF Security Administrator's Guide.

Parent topic: Messages