search cancel

Reporting on expired, expiring, and unused certificates.

book

Article ID: 144608

calendar_today

Updated On:

Products

ACF2 ACF2 - DB2 Option ACF2 for zVM ACF2 - z/OS ACF2 - MISC

Issue/Introduction

Reporting on expired, expiring and unused certificates is needed.

 

 

Environment

Release : 16.0
Component : CA ACF2 for z/OS

Resolution

Unfortunately there is no report or method to determine if a certificate is being used. 

The ACF2 SAFRPTCR report  displays the certificate hierarchy in your database. Optionally, it shows each certificate, its signing certificate, and the certificates that it has signed. You may also display all of the information provided on a CHKCERT command and LIST command. The display can be tailored so that only certificates from a particular user or key ring will be displayed. You can decide to show only certificates that are not expired, have a key in ICSF, and are currently trusted. You can also display only those certificates that will expire within 1-365 day range.

Details on the SAFRPTCR can be found in at  ACF2 SAFCRRPT - Certificate Utility