DCMrenamecert OR DCMimport for Server/ Client certificate not working

[MRibmash]

Hi Jesse,

I was excited to see the command line interface for DCM on AS400. The DCMView / DCMdelete works great. The import of SSL cert when CSR is in the pending state does not work as expected. The certificate gets added as CA. This makes it impossible to use this fine tool in automation that we are trying to do internally at our company. We do have our own CA, thus we can create internal server/ client certificates for a secure connection. Can you please guide me on using the DCMimport or DCMrenamecert command in this scenario?

dcmrenamecert --dcm-store=*SYSTEM --dcm-password=icanttellyou --old-label='ssl_cert_AS400_2022'
--new-label='ssl_cert_AS400'

Respectfully, Ashok

[tlhaze]

I would like to provide a suggestion... (no promises it will work) Please try to import the certificate using the "dcmrenew" instead.
Importing a certificate as a CA assumes there is no private key associated with the certificate in the certificate store so when importing as such, the private key does not get associated with the certificate.

But when using the "dcmrenew" which imports the certificate as a server certificate where the private key already exists in the certificate store, I believe it will associate the certificate and private key together during import.