Forum Discussion
kridsana_52318
Oct 17, 2013Nimbostratus
How to Alert before SSL Certificate expire?
Hi Everybody
I have experience issue SSL Certificate is expired. and I don't know it expire today.
Can we set BIG-IP to email Alert before SSL Certificate expire?
How to do that?
...
Hannes_Rapp
Nimbostratus
If you want a solution which also inspects each individual certificate inside a large bundle, and supports reporting to a remote syslog server, have a look at the discussion here: https://devcentral.f5.com/questions/how-to-implement-and-automate-f5-certificate-monitoring
lkchen
Aug 27, 2015Nimbostratus
Which is dependent on using cron on the F5's host OS.
Now that... instead of applying HFs for the first time ever (went from 9.3.1 to 9.3.1HF6, where HF7 came out a couple months later, but we did HF8 a couple years later....then did annual upgrades into 10.2.3+latest, 10.2.4+latest until HF5, when support got pulled out from under me and I had run into a problem in HF to apply, until we got support reinstated the same day our primary unit failed (I had gotten HF10 applied the month before after finding solution to problem I had run into here on devcentral ;)
Now I'm told that its expected to be done within 30days of its release. (due to PCI.) Not sure if it still requires full change review board and sign off from every single user (and their relatives, pets, friends...), to find a slice of time where everybody is okay with it getting done (usually 2am, Sunday during holiday shutdown between Xmas and New Years....not okay with me, though F5 will have somebody working then even if we didn't...)
But, had been getting annoyed with it happening so frequently...since our configuration backup was also cron driven. Plus there have been reasons other than HFs/upgrades that wipe out cron. And, the use of appliance mode or desire that only remote users have day-to-day access, also complicate things.
Was a pain at 2am last Tuesday to retrieve root password from escrow to overcome some problems during upgrades....which seems strange since it wasn't that long ago when logging in was a regular thing (often only so I can have an terminal window to see the prompt line...) Though probably only used the passwords once or twice since they were last updated. (while its been a couple of years since I used the GPG key's password that I use for escrow access....which took me a few tries to remember ;)
L
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects