2021 Oct 28 2:12 PM
Hello Everybody,
I was wondering myself, how you all keep track of the expiration dates of your implemented ssl certificates.
What solution do you use? SolMan, Check_MK, PRTG, Nagios,...?
Or do you use simple Excel-Sheets, etc.?
I am thankful for any input and experiences.
Kind Regards
Tobias
2021 Oct 28 2:36 PM
I am curious to this as well. And to piggyback onto this how to receive proactive notifications that the cert is about ready to expire instead of only receiving alerts after the fact.
2021 Oct 29 1:45 PM
Hi Tobias,
SAP provides a report SSF_ALERT_CERTEXPIRE to alert us on the certificates expiring in near future.
Please go through the blog for more information.
https://blogs.sap.com/2015/10/24/ssfalertcertexpire-invalid-message-received-in-email/
Regards,
Prithviraj.
2021 Nov 01 9:42 PM
Hi,
This is a tricky question, because there is no real answer. It is most based on what you know/want to learn and how you(r company) plan to address expiring certs.
Is an email enough? prithvirajr's answers quickly does the trick.
Is desired to handle as a tracked process (by incident/task)? Then you could go with SolMan (Sysmon + ITSM, there is a KBA for the SysMon part).
Is your infrastructure monitored by other tools? Maybe you should try to locate a plugin for it (GitHub is likely the place you'll find them, or use SysMon + Notification Framework to push alerts for that tool.
They are not exclusives, because you can benefit from SysMon in an email-only solution, having a medium-sized landscape or being lazy to do things (maintaining recipients only once on SolMan rather than on each system).