IBM z/OS Management Facility (z/OSMF)

 CWPKI0033E: Errors encountered loading keyring - with an Elliptic key

Colin Paice IBM Champion posted Tue January 14, 2025 05:04 AM

I am trying to use my own certificate and keyring in z/OSMF and I am failing with 

[ERROR   ] CWPKI0033E: The keystore located at 
safkeyringjcehybrid:///CCPKeyring.IZUDFLT did not load 
because of the following error: Errors encountered loading 
keyring. Keyring could not be loaded as a JCECCARACFKS or 
JCERACFKS keystore. 

It looks like only RSA certificates are supported.

If I use

RACDCERT ID(COLIN) GENCERT - 
  SUBJECTSDN(CN('10.1.1.2') - 
             O('NISTEC224') - 
             OU('SSS')) - 
   ALTNAME(IP(10.1.1.2))- 
   NISTECC - 
   SIZE(224 ) - 
   SIGNWITH (CERTAUTH LABEL('DOCZOSCA')) - 
   WITHLABEL('NISTEC224')      

it fails. If I use a certificate with RSA instead of NISTECC it works.

A) Are elliptic keys supported?
B) Are there any flags I can set to get out a trace of the actions leading to this message - so I can debug it? I tried -Djava.security.auth.debug=all but that didn't produce any output.

I know some elliptic keys don't work - https://colinpaice.blog/2023/07/02/strong-keys-may-be-bad-for-your-blood-pressure/ but I've had the certificates working outside of Java.

Thank you

Colin

Colin Paice IBM Champion

I solved this problem and blogged how I debugged i