Peter Ten Eyck: >Is there a way to report on what certificates within a given key ring >are being used? Of course, the expired stuff can be removed, but I >would like to verify that all the non-expired stuff is actually being >used? I played around with z/Secure access monitored records and >some SMF records via z/Secure but was unsuccessful.
Which SMF record types/subtypes have you looked at? I haven’t digged into this area as much as I probably should, but to my knowledge there are some Type 80 subtypes that bear on certificate usage from a RACF keyring perspective. ————— Timothy Sipples Senior Architect Digital Assets, Industry Solutions, and Cybersecurity IBM Z/LinuxONE, Asia-Pacific [email protected] ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
