Topic
  • 13 replies
  • Latest Post - ‏2019-01-26T21:25:38Z by sam_520
Sarav_2015
Sarav_2015
15 Posts

Pinned topic Datapower certificate monitor alert issue

‏2017-03-27T14:40:45Z |

Hello,

In our datapower appliance, we got alert for a certificate expiry and we replaced the certificate by over writing the existing certificate... But we do get certificate expired alert still.. Is anything we can do to mitigate this..? Thanks in advance... !!

  • Sarav_2015
    Sarav_2015
    15 Posts
    ACCEPTED ANSWER

    Re: Datapower certificate monitor alert issue

    ‏2017-03-29T08:20:45Z  
    • HermannSW
    • ‏2017-03-28T20:44:39Z

    Please switch Crypto Certificate object Admin state to disabled, that enables the Apply button.

    Then switch it back to enabled, and click Apply.

    Thank you so much for your help... I was able to apply this change...  Cheers.. :-)

  • HermannSW
    HermannSW
    8694 Posts

    Re: Datapower certificate monitor alert issue

    ‏2017-03-28T12:09:25Z  

    Did you do the over wrriting via the certificate configuration sreen, or just via upload in File Management?

  • Sarav_2015
    Sarav_2015
    15 Posts

    Re: Datapower certificate monitor alert issue

    ‏2017-03-28T12:35:10Z  
    • HermannSW
    • ‏2017-03-28T12:09:25Z

    Did you do the over wrriting via the certificate configuration sreen, or just via upload in File Management?

    I overwrote the new certificate and we could not just upload the certificate into shared cert folder with the same file neme... So, only the renewed certificate is in the folder and no old certificate with the same name under that folder or under any other path.....

    Updated on 2017-03-28T12:42:03Z at 2017-03-28T12:42:03Z by Sarav_2015
  • HermannSW
    HermannSW
    8694 Posts

    Re: Datapower certificate monitor alert issue

    ‏2017-03-28T12:48:47Z  

    I overwrote the new certificate and we could not just upload the certificate into shared cert folder with the same file neme... So, only the renewed certificate is in the folder and no old certificate with the same name under that folder or under any other path.....

    Did you overwrite with File Manager or not?

  • Sarav_2015
    Sarav_2015
    15 Posts

    Re: Datapower certificate monitor alert issue

    ‏2017-03-28T12:57:21Z  
    • HermannSW
    • ‏2017-03-28T12:48:47Z

    Did you overwrite with File Manager or not?

    Yes.. It is overwritten..

  • HermannSW
    HermannSW
    8694 Posts

    Re: Datapower certificate monitor alert issue

    ‏2017-03-28T13:00:48Z  

    Yes.. It is overwritten..

    With "File Manager" or via "certificate configuration screen"?

  • Sarav_2015
    Sarav_2015
    15 Posts

    Re: Datapower certificate monitor alert issue

    ‏2017-03-28T13:03:22Z  
    • HermannSW
    • ‏2017-03-28T13:00:48Z

    With "File Manager" or via "certificate configuration screen"?

    With file manager...

  • HermannSW
    HermannSW
    8694 Posts

    Re: Datapower certificate monitor alert issue

    ‏2017-03-28T13:17:43Z  

    With file manager...

    OK, please open the certificate object and click "Apply", that should make certificate monitor aware of the changed cert "file".

  • Sarav_2015
    Sarav_2015
    15 Posts

    Re: Datapower certificate monitor alert issue

    ‏2017-03-28T14:33:53Z  
    • HermannSW
    • ‏2017-03-28T13:17:43Z

    OK, please open the certificate object and click "Apply", that should make certificate monitor aware of the changed cert "file".

    I opened the "crypto certificate" object and the new certificate reflects there.. But, I do not get "Apply" button as you mentioned.. So, I just saved the configuration again... Or Did  I misunderstand something you told...

  • HermannSW
    HermannSW
    8694 Posts

    Re: Datapower certificate monitor alert issue

    ‏2017-03-28T20:44:39Z  

    I opened the "crypto certificate" object and the new certificate reflects there.. But, I do not get "Apply" button as you mentioned.. So, I just saved the configuration again... Or Did  I misunderstand something you told...

    Please switch Crypto Certificate object Admin state to disabled, that enables the Apply button.

    Then switch it back to enabled, and click Apply.

  • Sarav_2015
    Sarav_2015
    15 Posts

    Re: Datapower certificate monitor alert issue

    ‏2017-03-29T08:20:45Z  
    • HermannSW
    • ‏2017-03-28T20:44:39Z

    Please switch Crypto Certificate object Admin state to disabled, that enables the Apply button.

    Then switch it back to enabled, and click Apply.

    Thank you so much for your help... I was able to apply this change...  Cheers.. :-)

  • Kota.Nalini
    Kota.Nalini
    1 Post

    Re: Datapower certificate monitor alert issue

    ‏2017-08-16T20:32:23Z  

    Hi Sarav,

    I need some help in Datapower certificate monitor alert issue. I am not getting the certificate alert. could please help me. I did all the changes which are mentioned in this thread. But no success.

    Thanks in advance,

  • csumner
    csumner
    370 Posts

    Re: Datapower certificate monitor alert issue

    ‏2017-08-17T13:57:42Z  

    Hi Sarav,

    I need some help in Datapower certificate monitor alert issue. I am not getting the certificate alert. could please help me. I did all the changes which are mentioned in this thread. But no success.

    Thanks in advance,

    The certificate monitor alert log message only occurs once and does not repeat.  To test this, create a certificate (using crypto tools) which expires less than the number of days that you are monitoring for. The Certificate Monitor only monitors crypto objects that point to expiring certificates. It does not look at the certificate files themselves.

    --Charlie

  • sam_520
    sam_520
    10 Posts

    Re: Datapower certificate monitor alert issue

    ‏2019-01-26T21:25:38Z  
    • csumner
    • ‏2017-08-17T13:57:42Z

    The certificate monitor alert log message only occurs once and does not repeat.  To test this, create a certificate (using crypto tools) which expires less than the number of days that you are monitoring for. The Certificate Monitor only monitors crypto objects that point to expiring certificates. It does not look at the certificate files themselves.

    --Charlie

    Hi Csumer,

     

    you mean that even after creating the certificate that expires in a day or two , Datapower scannes the crypto certificate once in a day . correct !!!

     

    I have created certificate monitoring object but yesterday , but still i did not receive any alter. In order to accomplish the cert montoring i have created logs target with SMTP details and crypto certificate monitor with polling interval to 1 dat and reminder time as 30. 

    I have tested SMTP log target going to troublshooting and generate log message  with cert monitoring as a category and it worked.

     My ask here is 

    it has been one day , i have configured the alter still it is not sending out any email . i wanted to know whether i need to enable anything.

     

    Thanks

    Satya