You could check the expiration. If they are expired they are pretty much defunct. Of course, that is mostly for endpoint certificates. CA certificates tend to be good for 20-30 years.
Charles -----Original Message----- From: IBM Mainframe Discussion List [mailto:[email protected]] On Behalf Of Frank Swarbrick Sent: Thursday, February 18, 2021 11:16 AM To: [email protected] Subject: RACF certificate usage Does RACF keep track of the last time a certificate was "used"? If so, how can we get this information? We have a "lot" of certificates that I have a feeling are no longer used, and perhaps were never used, and it would be useful to know this information to know if they can be removed. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
