Technology Blogs by Members
Explore a vibrant mix of technical expertise, industry insights, and tech buzz in member blogs covering SAP products, technology, and events. Get in the mix!
cancel
Showing results for 
Search instead for 
Did you mean: 
Former Member
50,507

Report to check for Certificates Close to Expiring

I just wanted to share with you that there is a useful report that can be ran that will actually show the expired date in RED if it is set to expire within the time range that you specified.  This is a much better process than having us go through STRUSTSSO2 for all of the 3rd party certificates.  Plus, it will report the in house certificates.

Steps:

  • Run the report SSF_ALERT_CERTEXPIRE from SE38
  • Change the Number of Days until Expiry for example 45, and click Execute
  • The certificates that will expire within 45 days will have the expiration date in RED

I like the fact that the potentially expiring certificate shows up in RED.

Thank you

Adil

8 Comments
former_member199963
Participant
0 Kudos

Good One Adil! Very helpful.

Former Member
0 Kudos

Really helpful..gr888 stuff..keep it up..

0 Kudos

Hi Nayeem,

we have a Java-only system (PI 7.4). Is there a way to find soon expiring certificates in key storage (NWA)?

BR,

Markus

Former Member
0 Kudos

Good one Adi

0 Kudos
Parabéns, excelente....
sankar_27
Active Participant
0 Kudos
 

nice
deidre_logan
Participant
0 Kudos
for ABAP you can also use solman alerting - 2507235 - How to configure Expiring Certificates metrics in System Monitoring

 

for java oss note says you should just go to NWA to view which ones are expiring -2520663 - Certificate Expiration Notification on AS Java 7.1+  - wonder if there is a way to read the java tables for the data.
barracus
Discoverer
0 Kudos

For Java, there is an API available, as described here

Use curl to extract the data (the command is four lines long, replace <hostname> & <port> in the last line):

curl -X POST -H “Content-Type: text/xml” -H “Cache-Control: no-cache” \

 -d ‘<soapenv:Envelope xmlns:soapenv=”http://schemas.xmlsoap.org/soap/envelope/” xmlns:api=”http://sap.com/aii/tpm/internal/api/”> \

 <soapenv:Header/><soapenv:Body><api:GetKeystoreCertificates></api:GetKeystoreCertificates></soapenv:Body></soapenv:Envelope>’ \

 https://<hostname>:<port>/KeystoreService/KeystoreServiceApi

Labels in this area