Pagent cannot tell you this information. I can use TLS without using pageant, and so pagent would miss it.
I do not think RACF does not have the facility to report what is used or not. You can display which certificates are on a keyring, and then display information about the certificate, The callable services R_datalib (IRRSDL00 or IRRSDL64): Certificate Data Library does not provide this information There is an RDATALIB profile for IRR.DIGTCERT.<certOwner>.<certLabel> - but only if you add/alter/delete it Colin On Tue, 21 Oct 2025 at 19:38, Peter Ten Eyck < [email protected]> wrote: > Is there a way to report on what certificates within a given key ring are > being used? Of course, the expired stuff can be removed, but I would like > to verify that all the non-expired stuff is actually being used? > > I played around with z/Secure access monitored records and some SMF > records via z/Secure but was unsuccessful. > > Could PAGENT tell me something? > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to [email protected] with the message: INFO IBM-MAIN > ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
