Forum Discussion
How to monitor device trust certificate expiry ?
Hello Experts ,
We would like to understand how we can monitor the expiry of the Device Trust Certificate located at /Common/dtca.crt.
The certificate has a validity period of 10 years; however, we would like to include it in our certificate monitoring process. Currently, only the device certificate is being monitored.
We would like to monitor the Device Trust Certificate as well and receive alerts prior to its expiry.
Could you please check and advise on the available options for monitoring this certificate?
Thank you.
1 Reply
Hi Blue_whale,
try (filename might be different in your case, not _59522_2 but different numbers):
[root@ltm:Active:Standalone] ~ # curl -sku admin:P@$$w0rd! https://localhost/mgmt/tm/util/bash \ -H "Content-Type: application/json" -X POST \ -d "{\"command\":\"run\", \"utilCmdArgs\": \"-c 'openssl x509 -text -in /config/filestore/files_d/Common_d/trust_certificate_d/\:Common\:dtdi.crt_59522_2'\"}" \ | sed 's/\\n/\n/g' | grep "Not After"Output should look like this:
Not After : Oct 20 10:15:48 2034 GMTCredits go to this post: Rest API - Device certificate URL | DevCentral
Cheers
Daniel
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com