cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Alert for Certifictates Expiry

Former Member

on ‎12-06-2008 1:50 PM

0 Kudos

Hello All,

We have a requirement to set up alerts for certificates (loaded in KeyStore) that are about to expire in 30 days. I do see an alert category -- SECSSFCERTEXPIRE. I have added my ID as a recipient and I get emails with a subject "Expiry of Certificates (SNC, SSF, SSL...) (The triggering application determined you as a recipient)". There is no indication of the certificate name.

Can anyone help me with configuring the alerts in a way that I get the certificate name in the email; how and when is a check made; how can I configure the lead time for alerts - my requirement is 30 days.

regards,

Roshni

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (2)

Answers (2)

Former Member
‎01-01-2009 2:57 PM
0 Kudos

The alert category up seems to work only during run time, when message processing has to be done; when there is a problem with the Agreements.

There is an ABAP report (SSF_ALERT_CERTEXPIRE) that checks the certificates in TRUST MANAGER (STRUST) and it doesn't seem to check the ones in Key Storage. Any idea if connection between this report and the Key Storage possible at all?

@ Unni, Thanks for the link

regards,

Roshni

Show replies
Show replies
bhavesh_kantilal
Active Contributor
‎01-02-2009 4:29 AM
0 Kudos

Roshni,

A very interesting question. I don't have answers to your question, but if possible can you let us know the solution as and when you reach them.

Thanks,

Bhavesh

Former Member
‎02-25-2010 4:26 PM
0 Kudos 
Any idea if connection between this report SSF_ALERT_CERTEXPIRE and the Key Storage possible at all?

did you get some clue on this possibility?

I have posted similar thread and you may help if anything you can...

Regards

Sekhar

Edited by: sekhar on Feb 25, 2010 5:27 PM

Former Member
‎02-25-2010 8:49 PM
0 Kudos

No.

We could not check with SAP as it is a consultation problem.

We maintain a file with certificate expiry dates. A cron job checks for expiry and alerts us by email.

regards,

Roshni Mehta

Former Member
‎02-26-2010 3:33 AM
0 Kudos

Hi Roshni,

Thanks for response.

Would you please elaborate more in detail about your current practice

We maintain a file with certificate expiry dates. A cron job checks for expiry and alerts us by email.

What sort of file you are maintaining,

What's cron job and how do we schedule?

And other details that feel sharing.

Regards

Sekhar

Former Member
‎07-25-2010 5:34 PM
0 Kudos

Sekhar,

We maintain the cert dates in a text file. Something like this:

Expiry_date:View_Name:Cert_name_in_view:PartnerX:X's_contact_details

The shell script calculates the 30th day from its execution date. It greps for a match in the script. If a match is found, the details are emailed to the support team.

You can look up more information about cron [here|http://adminschoice.com/crontab-quick-reference]

You may try the suggestion provided [here|http://unix.ittoolbox.com/groups/technical-functional/shellscript-l/linux-shell-script-for-checking-certificate-expiry-date-with-mail-warning-for-apache-http-server-using-openssl-and-time-function-1644255].

I don't think any program exists in SAP application to check Key Storage and alert us in advance. I'm marking this question as answered as I have a work-around.

regards,

Roshni

Former Member
‎12-07-2008 2:31 AM
0 Kudos

Hi,

Check this link, may be useful.

Regards

Unni

Show replies
Show replies
Ask a Question