[prev in list] [next in list] [prev in thread] [next in thread] 

List:       racf-l
Subject:    Re: Certificate usage monitoring
From:       Elardus Engelbrecht <elardus.engelbrecht () SITA ! CO ! ZA>
Date:       2016-09-28 12:33:38
Message-ID: 3606438386452641.WA.elardus.engelbrechtsita.co.za () listserv ! uga ! edu
[Download RAW message or body]

Mark Jacobs wrote:

> It there anyway to log the use of certificates that are stored in the RACF \
> database? If so, how.

I asked the same question in May 2016. Answer - there is nothing available natively \
in RACF, you need vendor products for that. You've got replies for vendor products.

Checking SMF records or setting FACILITY class profile(s) IRR.??? for access or audit \
will yield little as confirmed in my May query. In fact, nothing triggers usage of \
the certificates. 

To clarify, if, after you got access via FACILITY class profiles IRR.???, then you \
can use the certificate and keyring. It is somewhat easy to see usage if the certs \
are your own, but you probably also wants to know usage of SITE and CERTAUTH Certs.

About Charles's comment 'RACF events 72, 83 and/or 86 *might* log certificate usage.' \
- I will check that comment to see if your and my questions can be answered by using \
those events in reporting.

Wai Choi kindly told in a reply to my question - If the Certificate Status is NOTRUST \
- it is definitifely NOT in use.

Good luck! If you got any good replies, please tell me! 

Groete / Greetings
Elardus Engelbrecht


[prev in list] [next in list] [prev in thread] [next in thread]