list notrust certificates in ACF2

book

Article ID: 211672

calendar_today

Updated On:

Products

CA ACF2

Issue/Introduction

How can I find out all of the notrust certificates in ACF2? 

Environment

Release : 16.0

Component : CA PAM Client for Linux for zSeries

Resolution

Use the SAFCRRPT utility. This utility will let you specify TRUST or NOTRUST, which will display only the certificates that have either TRUST or NOTRUST status.

An example, minus the jobcard would be:

//SAFRPTCR EXEC PGM=SAFCRRPT,REGION=64M 
//SYSUDUMP DD SYSOUT=*                  
//SYSPRINT DD SYSOUT=*                  
//SYSIN DD *                            
RECORDID(-) SUMMARY NOTRUST    

Additional Information

https://techdocs.broadcom.com/us/en/ca-mainframe-software/security/ca-acf2-for-z-os/16-0/reporting/other-ca-acf2-utilities.html