I have expired and about to expiry certificates in one of my application domain, just i want to monitor the certificates that which are expired and about expire for that i enabled Crypto Certificate Monitor in default domain with debug log level as Warning and also created a file log target which subscribes to "cert-monitor" and evrent priority is warning.
after that i disabled and enabled Certificate Monitor to scan all certificates status, even though i have expired and about to exipre certificates un able to see any logs and also log target is not being triggred. any thing else needs to be done from configuration side? kindly help me on this ASAP.
Thanks in Adv
This topic has been locked.
4 replies Latest Post - 2013-03-04T15:55:11Z by SystemAdmin
Pinned topic Query related to Crypto Certificate Monitor?
Answered question This question has been answered.
Unanswered question This question has not been answered yet.
Updated on 2013-03-04T15:55:11Z at 2013-03-04T15:55:11Z by SystemAdmin
swlinn 100000E7QE1344 PostsACCEPTED ANSWER
Re: Query related to Crypto Certificate Monitor?2013-02-26T18:38:29Z in response to SystemAdminI just disabled/enabled the cert-monitor object on my 5.0.0.x appliance and in the default log of the default domain I see these cert-monitor logs. In my case there are a number of domains that are throwing continual connection error logs and the main log rolled, but I was able to find them in the logtemp:// directory on one of the archived files. So if that is not the case where your logs are, the obvious questions come to mind: firmware version, export of log target object, etc.
inestlerode 270001CUTT166 PostsACCEPTED ANSWER
Re: Query related to Crypto Certificate Monitor?2013-02-27T18:35:17Z in response to SystemAdmin> I have expired and about to expiry certificates in one of my application domain, just i want to monitor the certificates that
> which are expired and about expire
It is also worth pointing out that the Certificate Monitor only monitors Crypto Certificate config objects. It does not monitor certificate files sitting on the flash that have no Crypto Certificate object pointing to them. Sometimes this causes confusion (people are incorrectly expecting that it will notice some expired certificate file on the flash that is unused).
Re: Query related to Crypto Certificate Monitor?2013-03-04T15:55:11Z in response to inestlerodei changed crypto cert-monitor level to error and i configured log target with cert-monitor log category and priority is error.
and now able to get the errors regarding certificate expiry.