It's not easy. There is an idea under consideration that needs more votes. https://ideas.ibm.com/ideas/ZOS-I-4386
Lennie -----Original Message----- From: IBM Mainframe Discussion List <[email protected]> On Behalf Of Peter Ten Eyck Sent: 21 October 2025 19:38 To: [email protected] Subject: RACF Certificate cleanup Is there a way to report on what certificates within a given key ring are being used? Of course, the expired stuff can be removed, but I would like to verify that all the non-expired stuff is actually being used? I played around with z/Secure access monitored records and some SMF records via z/Secure but was unsuccessful. Could PAGENT tell me something? ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
