IMPORTANT – Clarification: CA Receive Order Certificate is Expiring

Resource Initialization Manager(Comm)

17193

13 May 2021

31 January 2021

* This Critical Alert ONLY applies to sites using CA SMP/E Receive Order server. *

This Alert does NOT apply to sites using CA Chorus Software Manager (CSM) to download Broadcom Mainframe maintenance packages.

This Critical Alert is to notify customers of a Broadcom CA SMP/E Receive Order server certificate that expires on Friday, February 5, 2021 at 11:30 PM EST. For SMP/E to authenticate this new renewed Broadcom Order server certificate, a new Digicert Global Root G2 certificate is required. Existing customers who use SMP/E Receive Order to acquire maintenance will need to download, install and CONNECT this new Digicert Global Root G2 certificate to their existing SMP/E keyring.  Please follow the instructions below to avoid any impact.   

PROBLEM DESCRIPTION: 

If you are using CA SMP/E Receive Order to acquire maintenance, you will need to obtain a new certificate by Friday, February 5, 2021 before 11:30 PM EST.   The new certificate can be added to your existing keyring.  Use the following instructions to obtain the new certificate and update your keyring within your external security manager (CA ACF2, CA Top Secret, or IBM RACF).

 INSTRUCTIONS:

Use the following instructions to download the new Digicert Global Root G2 certificate: 

1. Download the NEW certificate from https://support.broadcom.com/cadocs/0/certs/eapi/digi-root.crt.

2. Upload the new certificate as text data to your z/OS data set allocated as RECFM=VB and LRECL>=84 format.    If you use FTP, use the following commands to avoid truncation:

           ASCII 
          QUOTE SITE WRAP LRECL=84 RECFM=VB
          PUT your_PC_filename 'your.dataset.name' (REPLACE
          quit

3. The keyring will now require three certificates which include:

  1. (NEW) Root Digicert
  2. (Existing) Intermediate Digicert 
  3. (Existing) Broadcom user Certificate.  

  4. Use CA ACF2, CA Top Secret, or IBM RACF to add the new certificate to the keyring.  


 

If you have any questions about this Critical Alert, please contact Broadcom Support.
 

Thank you,

Broadcom Support Team