How can I know when my Sterling Connect:Direct Secure Plus certificates are about to expire?

You can use the built-in Certificate Expiry Warning rule that is included in IBM® Sterling Control Center Monitor to generate an alert when Sterling Connect:Direct® Secure Plus key and trusted certificates are about to expire.

For managed Sterling Connect:Direct servers, for which IBM Sterling Control Center Monitor is able to perform Configuration Management of both Sterling Connect:Direct Secure Plus key and trusted certificates, you can use the Certificate Expiry Warning rule to be alerted when either type of certificate is approaching a user-defined number of days before expiration.

This rule watches for events with one of two message identifiers:

CCFG229I Trusted Certificate Expiry notification.  Server ID: {0}  Certificate: {1}  
Expires: {2}  Days left: {3} and
CCFG230I Key Certificate Expiry notification.  Server ID: {0}  Certificate: {1}  
Expires: {2}  Days left: {3}

By default, this rule generates a Sev 1 alert when the number of days left before a certificate expires is less than or equal to 60. You can edit this rule or create your own version of it to watch for only the CCFG229I message or CCFG230I message. In addition, you can edit it to trigger sooner or later, or to perform a different action than the Sev 1 alert, or in addition to the Sev 1 alert.

Attention: This rule depends on either the user, or the system, to initiate daily configuration object synchronizations.