Hi Larry, if you are still seeing this error, can I suggest that you raise a case with your local bmc software support centre.
we are using MVexplorer with certs in keying in RACF.
bbparm(bbmmve00) is configured with following settings:
HOSTCN=my.fullyqualified.domainname <-- is used in https://my.fullyqualified.domainname:3940/mve.html
SSLCERT_LOCATION=R_DATALIB <-- means cert is in RACF
SSLCERT_NAME=my.racfkeyring <-- name of ring; 'RACDCERT ID(user) LISTRING(my.racfkeyring)' will list the keyring
SSLKEY_LOCATION=ICSF <-- private key is taken from ISCF
SSLKEY_NAME=priv.key.name <-- this is PKDS label; use 'RACDCERT ID(user) LIST' to show it
we have mve-server-cert and ca certs and user ca certs in the ring. so overall around eight certs.
mve-server-cert is marked with DEFAULT=YES, USAGE=personal. The others are USAGE=CERTAUTH.