Previous topic |
Next topic |
Contents |
Contact z/OS |
Library |
PDF
ICH444I z/OS Security Server RACF Messages and Codes SA23-2291-00 |
|
ICH444I The program contains an incorrect certificate chain. Reason
code X'rsncode'. ExplanationWhen a program is signed during the bind process, the program object contains a digital signature and the digital certificate chain for the user who performed the program bind. This message indicates that the digital certificate chain is incorrect. The reason
code in this message indicates the reason for the failure. This reason
code originates from the R_PgmSignVer callable service (IRRSPS00),
which is called to verify the signature and certificate chain when
the program is loaded. In ../com.ibm.zos.v2r1.ichd100/ich2d110.htm, there
is a specific set of return and reason codes documented for function
code X’0007’ (VERFINAL). The relevant reason codes are documented
under SAF return code 8 and RACF® return
code 16.
Note:
System actionIf message ICH441I precedes this message, the program load continues. If message ICH440I precedes this message, the load fails. Routing code9 and 11 Descriptor code6 RACF Security Administrator ResponseInform the provider of the program with the information in this message. Either the program was not built correctly, or it was modified. A new copy of the module with the correct signature and certificate chain is required. You can
temporarily bypass this error in any of the following ways:
Note: The current security policy flagged this condition as an
error. Bypassing the error prevents this message from being issued
when the program is loaded, but reduces system security and does not
resolve the problem. Once you resolve the problem, revisit your FAILLOAD
and SIGAUDIT settings.
|
Copyright IBM Corporation 1990, 2014
|