on 12-06-2008 1:50 PM
Hello All,
We have a requirement to set up alerts for certificates (loaded in KeyStore) that are about to expire in 30 days. I do see an alert category -- SECSSFCERTEXPIRE. I have added my ID as a recipient and I get emails with a subject "Expiry of Certificates (SNC, SSF, SSL...) (The triggering application determined you as a recipient)". There is no indication of the certificate name.
Can anyone help me with configuring the alerts in a way that I get the certificate name in the email; how and when is a check made; how can I configure the lead time for alerts - my requirement is 30 days.
regards,
Roshni
The alert category up seems to work only during run time, when message processing has to be done; when there is a problem with the Agreements.
There is an ABAP report (SSF_ALERT_CERTEXPIRE) that checks the certificates in TRUST MANAGER (STRUST) and it doesn't seem to check the ones in Key Storage. Any idea if connection between this report and the Key Storage possible at all?
@ Unni, Thanks for the link
regards,
Roshni
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Roshni,
Thanks for response.
Would you please elaborate more in detail about your current practice
We maintain a file with certificate expiry dates. A cron job checks for expiry and alerts us by email.
What sort of file you are maintaining,
What's cron job and how do we schedule?
And other details that feel sharing.
Regards
Sekhar
Sekhar,
We maintain the cert dates in a text file. Something like this:
Expiry_date:View_Name:Cert_name_in_view:PartnerX:X's_contact_details
The shell script calculates the 30th day from its execution date. It greps for a match in the script. If a match is found, the details are emailed to the support team.
You can look up more information about cron [here|http://adminschoice.com/crontab-quick-reference]
You may try the suggestion provided [here|http://unix.ittoolbox.com/groups/technical-functional/shellscript-l/linux-shell-script-for-checking-certificate-expiry-date-with-mail-warning-for-apache-http-server-using-openssl-and-time-function-1644255].
I don't think any program exists in SAP application to check Key Storage and alert us in advance. I'm marking this question as answered as I have a work-around.
regards,
Roshni
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
98 | |
11 | |
11 | |
10 | |
10 | |
8 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.