If you have Broadcom's SYSVIEW, the KEYRING command will tell you everything you want to know about the keyrings and certificates.
If you don't have it, you might be entitled to SYSVIEW ESSENTIALS which is a stripped down version, but lets you run the KEYRING command. Gadi ________________________________ From: IBM Mainframe Discussion List <[email protected]> on behalf of Peter Ten Eyck <[email protected]> Sent: Tuesday, October 21, 2025 21:38 To: [email protected] <[email protected]> Subject: RACF Certificate cleanup Is there a way to report on what certificates within a given key ring are being used? Of course, the expired stuff can be removed, but I would like to verify that all the non-expired stuff is actually being used? I played around with z/Secure access monitored records and some SMF records via z/Secure but was unsuccessful. Could PAGENT tell me something? ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
