z/OS Cryptographic Services System SSL Programming
Previous topic | Next topic | Contents | Contact z/OS | Library | PDF


0335302E

z/OS Cryptographic Services System SSL Programming
SC14-7495-00

0335302E
Database contains certificates signed by the certificate.

Explanation

A CA certificate cannot be deleted because the database still contains certificates that were signed using that certificate. A certificate renewal for a signing certificate fails with this error code if the certificates subject name has changed.

User response

Delete all certificates that are signed by the CA certificate before deleting the certificate. To renew a signing certificate with a changed subject name all dependent certificates must be resigned with the new certificate:
  • Create certificate renewal requests for each dependent certificate and delete the dependent certificates and keys.
  • Receive the new signing certificate.
  • Sign any dependent certificate requests with the new signing certificate.
  • Receive the signed dependent certificate renewals.
Parent topic: CMS status codes (03353xxx)

Go to the previous page Go to the next page

Notices | Terms of use | Support | Contact z/OS | zFavorites



Copyright IBM Corporation 1990, 2014