Forum Discussion
Dev_56330
Cirrus
CirrusSNMP Trap for Expired Certificates
Can anyone provide an example of the useralert.conf file displaying a trap for expired certificates on the Big IP? I have read the article below though it is still not clear to me on how to perform ...
this is mine. you may have to correct the matched message in user_alert.conf.
sol14318: Monitoring SSL certificate expiration on the BIG-IP system (11.x)
http://support.f5.com/kb/en-us/solutions/public/14000/300/sol14318.htmlsol11127: Testing SNMP traps on the BIG-IP system (9.4.x - 11.x)
http://support.f5.com/kb/en-us/solutions/public/11000/100/sol11127.htmle.g.
// config [root@ve11a:Active:In Sync] config cat /config/user_alert.conf alert TEST "Certificate (.*) in file (.*) will expire on (.*)" { email toaddress="nitass" fromaddress="whatever" body="Help, I am going to expire." } // test [root@ve11a:Active:In Sync] config logger -p local0.warn "01420007:4: Certificate CN=www.com,L=Seattle,ST=WA,C=US in file /Common/site1.crt will expire on May 27 14:56:25 2014 GMT" [root@ve11a:Active:In Sync] config // email -----Original Message----- From: root [mailto:root@ve11a.acme.local] Sent: Saturday, August 16, 2014 3:36 PM To: Nitass Subject: 01420007:4: Certificate CN=www.com,L=Seattle,ST=WA,C=US in file /Common/site1.crt will expire on May 27 14:56:25 2014 GMT Help, I am going to expire.
nitass_89166
Noctilucent
Noctilucentthis is mine. you may have to correct the matched message in user_alert.conf.
sol14318: Monitoring SSL certificate expiration on the BIG-IP system (11.x)
http://support.f5.com/kb/en-us/solutions/public/14000/300/sol14318.htmlsol11127: Testing SNMP traps on the BIG-IP system (9.4.x - 11.x)
http://support.f5.com/kb/en-us/solutions/public/11000/100/sol11127.htmle.g.
// config
[root@ve11a:Active:In Sync] config cat /config/user_alert.conf
alert TEST "Certificate (.*) in file (.*) will expire on (.*)" {
email toaddress="nitass"
fromaddress="whatever"
body="Help, I am going to expire."
}
// test
[root@ve11a:Active:In Sync] config logger -p local0.warn "01420007:4: Certificate CN=www.com,L=Seattle,ST=WA,C=US in file /Common/site1.crt will expire on May 27 14:56:25 2014 GMT"
[root@ve11a:Active:In Sync] config
// email
-----Original Message-----
From: root [mailto:root@ve11a.acme.local]
Sent: Saturday, August 16, 2014 3:36 PM
To: Nitass
Subject: 01420007:4: Certificate CN=www.com,L=Seattle,ST=WA,C=US in file /Common/site1.crt will expire on May 27 14:56:25 2014 GMT
Help, I am going to expire.
Dev_56330Thanks. I have configured the user_alert.conf file as follows and used the provided solution article to test the SNMP trap though I am still not receiving email. What SMTP configuration is used when sending email from the big IP? Under system configuration > Device > SMTP I have configured my exchange server though I am not sure if this is the only configuration that needs to be made or if it is even needed. I have also validated email is flowing between my internal users so exchange is not the issue in this case. Any thoughts? alert Test "Certificate (.*) in file (.*) will expire on (.*)" { email toaddress="validemailaddress@lab.com" fromaddress="anything@lab.com" body="A certificate is about to expire" } alert Test1 "Certificate (.*) in file (.*) expired on (.*)" { email toaddress="validemailaddress@lab.com" fromaddress="anything@lab.com" body="A certificate has expired" }