Help needed with DCM certificate renewal
We have a client certificate that needs to be renewed; we've downloaded and installed the new certificate to IE, and exported it from IE. I've tried copy/paste and FTP to put the certificate onto the i5, but get the same error when I try to renew the certificate in Digital Certificate Manager:
"An asn.1 encoding/decoding error occurred If this file was transferred to this location, check that you used the correct mode..."
Even though the key appears to be binary, I even tried as ASC FTP, (with the same error result).
I'd appreciate any pointers on what I could try next to get this thing put in place.
"An asn.1 encoding/decoding error occurred If this file was transferred to this location, check that you used the correct mode..."
Even though the key appears to be binary, I even tried as ASC FTP, (with the same error result).
I'd appreciate any pointers on what I could try next to get this thing put in place.
ASKER
Yep, that's what I used as my directions. I found you can get to the same renewal process by clicking Renew while checking for certificates that are about to expire - and get the same error message.
Now, what I didn't try was renewing by creating a new key pair - mainly because I don't know whether that would leave me with two certificates, and what I would have to do to make certain my program uses the correct certificate.
Now, what I didn't try was renewing by creating a new key pair - mainly because I don't know whether that would leave me with two certificates, and what I would have to do to make certain my program uses the correct certificate.
Hi jcc,
2 certificates is not a real problem, sometime you need the older one also, depending on the usage etc.
I deleted my old certificates once and couldn't open my singned/encrypted mail anymore :-)
Please try and let me (us) know the result.
Regards,
Murph
2 certificates is not a real problem, sometime you need the older one also, depending on the usage etc.
I deleted my old certificates once and couldn't open my singned/encrypted mail anymore :-)
Please try and let me (us) know the result.
Regards,
Murph
ASKER
Okay, the Create New Pair option loses me. It leads to creating a new certificate request string. Aside from having already received the certificate from Verisign, I have no idea what to do with that string!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Well, I took a different route: Renew just plain wasn't working, so I imported the new certificate, validated it, and assigned it to the FTP Server/Client apps.
Now to arrange testing with the bank. Here's hoping...
Now to arrange testing with the bank. Here's hoping...
ASKER
Now that the bank has sent the correct certificates, we're back in business.
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
Checkout the "Digital Certificate Manager (DCM)"
especialy the pargraph "Renewing an existing certificate" (See link)
http://publib.boulder.ibm.com/infocenter/iseries/v5r4/index.jsp?topic=%2Frzahu%2Frzahurzahu401usingdcm.htm
Good Luck,
Murph