Report on Digital Certificates about to Expire

book

Article ID: 20327

calendar_today

Updated On:

Products

CA Cleanup CA Datacom - DB CA Datacom CA Datacom - AD CA Datacom - Server CA CIS CA Common Services for z/OS CA 90s Services CA Database Management Solutions for DB2 for z/OS CA Common Product Services Component CA Common Services CA Datacom/AD CA ecoMeter Server Component FOC CA Easytrieve Report Generator for Common Services CA Infocai Maintenance CA IPC Unicenter CA-JCLCheck Common Component CA Mainframe VM Product Manager CA Chorus Software Manager CA On Demand Portal CA Service Desk Manager - Unified Self Service CA PAM Client for Linux for zSeries CA Mainframe Connector for Linux on System z CA Graphical Management Interface CA Web Administrator for Top Secret CA CA- Xpertware CA Top Secret CA Top Secret - LDAP CA Top Secret - VSE

Issue/Introduction

Description:

What report will list Digital Certificates that will expire within a specified number of days?

Solution:

The CA-Top Secret Report & Tracking Guide:

SAFCRRPT Utility

------------------------

About the Certificate Utility

--------------------------------------

Use the Certificate Utility to display the certificate hierarchy in your database. Optionally, it will display each certificate, its signing

certificate, the certificates that it has signed, and all of the information provided with the CHKCERT and LIST commands. Execution of

SAFCRRPT requires a region size of 1500K.

You can tailor the output to display certificates:


 * For a specified user       
 * For a specified key ring 
 * That have not expired
 * That have a key in ICSF
 * That are currently trusted
 * That will expire within a specified number of days

EDAYS(expire days) - Specifies that only certificates that expire within the specified number of days are displayed.

Range: 1 to 365

The following is sample JCL to run the certificate utility. This JCL is found in the CAI.CAKOJCL0 file on the distribution tape. The member name is

CERTUTIL:

 //SAFRPTCR EXEC PGM=SAFCRRPT,PARM='TITLE(Certificate detailed report)'       
 //STEPLIB DD DISP=SHR,DSN=CAI.CAKOLINK 
 //SYSUDUMP DD SYSOUT=*
 //SYSPRINT DD SYSOUT=*
 //SYSIN DD *
 RECORDID(-) EDAYS(90) DETAIL TITLE('TEST EDAYS')

Environment

Release:
Component: AWAGNT