In MQ the errors CTGSK2042W and CTGSK2043W occur when running runmqakm. ikeyman does not cause those errors.

The CA root and intermediate certificates were already added to the keystore using commands like:

runmqakm -cert -add -db KeyStore1.kdb -pw passw0rd -label “&ltCA certificate label&gt” -file CACertificate.cer

When running the following command to receive a CA signed certificate into the keystore

runmqakm -cert -receive -file CAsigned.cer -db KeyStore1.kdb -pw passw0rd -format ascii

The following error messages occur

CTGSK2042W A database validation error occurred.
CTGSK2043W Key entry validation failed.

If ikeyman (strmqikm) is used to receive the CA signed certificate into the keystore, then it works correctly.


Leave a Reply