Hello,

I'm fairly new to the administrative side of the IBM i, so I hope I'm asking a question in the right group. My predecessor passed away suddenly and we have limited documentation on a great deal of the system. I have a CA certificate in DCM that is about to expire and my belief is that it is not in use currently. What method(s) can I use to confirm that it is not in use and can safely be disabled? I haven't been able to find any documentation on this topic.

Thanks in advance for your help and patience!

------------------------------
Craig Mardis
------------------------------

Hello Craig,

When you login to Digital Certificate Manager(DCM) please select the *SYSTEM store . As soon as you are in screen will be presented with all the certificates available there (active + expired). Every certificate itself has a "view" option which will show you "Application Definitions" which are using this certificate. 

Another option is to select "Manage Application Definitions" after signing on to *SYSTEM store. Here you will see all the application definitions with the certificate assigned to it. 

Let me know if it helps. 

------------------------------
Rohit Chauhan
Senior Technical Specialist
Norway

Original Message:
Sent: Tue October 15, 2024 10:41 AM
From: Craig Mardis
Subject: Digital Certificate Manager Functionality

Hello,

I'm fairly new to the administrative side of the IBM i, so I hope I'm asking a question in the right group. My predecessor passed away suddenly and we have limited documentation on a great deal of the system. I have a CA certificate in DCM that is about to expire and my belief is that it is not in use currently. What method(s) can I use to confirm that it is not in use and can safely be disabled? I haven't been able to find any documentation on this topic.

Thanks in advance for your help and patience!

------------------------------
Craig Mardis
------------------------------

Rohit,

Thanks very much for your response! I did check all the Application Definitions and the Certificate which will expire is not listed on any of the Application Definitions. Also, no applications are listed when I click  the "view" option on the certificate, there are no applications listed. So if it is not listed on any of these definitions that means that it's not in use on the system at all? Is that correct?

Hello Craig,

When you login to Digital Certificate Manager(DCM) please select the *SYSTEM store . As soon as you are in screen will be presented with all the certificates available there (active + expired). Every certificate itself has a "view" option which will show you "Application Definitions" which are using this certificate. 

Another option is to select "Manage Application Definitions" after signing on to *SYSTEM store. Here you will see all the application definitions with the certificate assigned to it. 

Let me know if it helps. 

------------------------------
Rohit Chauhan
Senior Technical Specialist
Norway

Original Message:
Sent: Tue October 15, 2024 10:41 AM
From: Craig Mardis
Subject: Digital Certificate Manager Functionality

Hello,

I'm fairly new to the administrative side of the IBM i, so I hope I'm asking a question in the right group. My predecessor passed away suddenly and we have limited documentation on a great deal of the system. I have a CA certificate in DCM that is about to expire and my belief is that it is not in use currently. What method(s) can I use to confirm that it is not in use and can safely be disabled? I haven't been able to find any documentation on this topic.

Thanks in advance for your help and patience!

------------------------------
Craig Mardis
------------------------------

Hello Craig,

That's correct. If it is not assigned to any of the application definitions then it is not in use. 

Rohit,

Thanks very much for your response! I did check all the Application Definitions and the Certificate which will expire is not listed on any of the Application Definitions. Also, no applications are listed when I click  the "view" option on the certificate, there are no applications listed. So if it is not listed on any of these definitions that means that it's not in use on the system at all? Is that correct?

Hello Craig,

When you login to Digital Certificate Manager(DCM) please select the *SYSTEM store . As soon as you are in screen will be presented with all the certificates available there (active + expired). Every certificate itself has a "view" option which will show you "Application Definitions" which are using this certificate. 

Another option is to select "Manage Application Definitions" after signing on to *SYSTEM store. Here you will see all the application definitions with the certificate assigned to it. 

Let me know if it helps. 

------------------------------
Rohit Chauhan
Senior Technical Specialist
Norway

Original Message:
Sent: Tue October 15, 2024 10:41 AM
From: Craig Mardis
Subject: Digital Certificate Manager Functionality

Hello,

I'm fairly new to the administrative side of the IBM i, so I hope I'm asking a question in the right group. My predecessor passed away suddenly and we have limited documentation on a great deal of the system. I have a CA certificate in DCM that is about to expire and my belief is that it is not in use currently. What method(s) can I use to confirm that it is not in use and can safely be disabled? I haven't been able to find any documentation on this topic.

Thanks in advance for your help and patience!

------------------------------
Craig Mardis
------------------------------

Hello Craig,

When you login to Digital Certificate Manager(DCM) please select the *SYSTEM store . As soon as you are in screen will be presented with all the certificates available there (active + expired). Every certificate itself has a "view" option which will show you "Application Definitions" which are using this certificate. 

Another option is to select "Manage Application Definitions" after signing on to *SYSTEM store. Here you will see all the application definitions with the certificate assigned to it. 

Let me know if it helps. 

------------------------------
Rohit Chauhan
Senior Technical Specialist
Norway
------------------------------

Original Message:
Sent: Tue October 15, 2024 10:41 AM
From: Craig Mardis
Subject: Digital Certificate Manager Functionality

Hello,

I'm fairly new to the administrative side of the IBM i, so I hope I'm asking a question in the right group. My predecessor passed away suddenly and we have limited documentation on a great deal of the system. I have a CA certificate in DCM that is about to expire and my belief is that it is not in use currently. What method(s) can I use to confirm that it is not in use and can safely be disabled? I haven't been able to find any documentation on this topic.

Thanks in advance for your help and patience!

------------------------------
Craig Mardis
------------------------------