I made a mistake creating a certificate, and could not delete it, because I got a message

IRRD109I The certificate cannot be added. Profile … is already defined.

In my JCL I had

RACDCERT GENCERT  -                                           
  CERTAUTH -                                                  
  SUBJECTSDN(CN('DocZosCADSA')- 
             O('COLIN') -                                     
             OU('CA')) - 
  NOTAFTER(   DATE(2027-07-02  ))-                            
  KEYUSAGE(   CERTSIGN      )  -        
  DSA  
  SIZE(1024) -                                                
  WITHLABEL('DocZosCADSA')                                    
                                                              

This created a certificate

I was missing the – after DSA, so the DSA, SIZE(1024) and importantly the WITHLABEL() was missing.

When I tried to recreate this certificate I got message

IRRD109I The certificate cannot be added. Profile 00.CN=DocZosCADSA.OU=CA.O=COLIN is already defined.

My problem was, what do I delete ?

The following command listed all of the certificate owned by certauth.

RACDCERT certauth LIST

I searched for CN=DocZosCADSA and it found. (Use the CN=… not the whole string)

Label: LABEL00000002 
...
Subject's Name: 
     >CN=DocZosCADSA.OU=CA.O=COLIN< 
...

Note the label.

The command

RACDCERT CERTAUTH DELETE(LABEL('LABEL00000002'))

Deleted the certificate in error – problem solved.

Note: For a personal certificate the reported certificate was like

02AB.CN=SSCA256.OU=CA.O=SSS.C=GB

If you use the list command the certificate sequence number 02AB is on a different line to the remainder of the label.