Dev_56330
Aug 15, 2014
Cirrus
SNMP Trap for Expired Certificates
Can anyone provide an example of the useralert.conf file displaying a trap for expired certificates on the BIG-IP? I have read the article below though it is still not clear to me on how to perform ...
- Aug 16, 2014
nitass_89166
Noctilucent
This is mine. You may have to correct the matched message in user_alert.conf.
sol14318: Monitoring SSL certificate expiration on the BIG-IP system (11.x)
http://support.f5.com/kb/en-us/solutions/public/14000/300/sol14318.html
sol11127: Testing SNMP traps on the BIG-IP system (9.4.x - 11.x)
http://support.f5.com/kb/en-us/solutions/public/11000/100/sol11127.html
e.g.
// config
[root@ve11a:Active:In Sync] config # cat /config/user_alert.conf
alert TEST "Certificate (.*) in file (.*) will expire on (.*)" {
    email toaddress="nitass"
    fromaddress="whatever"
    body="Help, I am going to expire."
}
// test
[root@ve11a:Active:In Sync] config # logger -p local0.warn "01420007:4: Certificate CN=www.com,L=Seattle,ST=WA,C=US in file /Common/site1.crt will expire on May 27 14:56:25 2014 GMT"
[root@ve11a:Active:In Sync] config #
// email
-----Original Message-----
From: root [mailto:root@ve11a.acme.local]
Sent: Saturday, August 16, 2014 3:36 PM
To: Nitass
Subject: 01420007:4: Certificate CN=www.com,L=Seattle,ST=WA,C=US in file /Common/site1.crt will expire on May 27 14:56:25 2014 GMT
Help, I am going to expire.
Dev_56330
Aug 18, 2014
Cirrus
Thanks. I have configured the user_alert.conf file as follows and used the provided solution article to test the SNMP trap, though I am still not receiving email. What SMTP configuration is used when sending email from the BIG-IP? Under system configuration > Device > SMTP I have configured my Exchange server, though I am not sure if this is the only configuration that needs to be made or if it is even needed. I have also validated that email is flowing between my internal users, so Exchange is not the issue in this case. Any thoughts?
alert Test "Certificate (.*) in file (.*) will expire on (.*)" {
    email toaddress="validemailaddress@lab.com"
    fromaddress="anything@lab.com"
    body="A certificate is about to expire"
}
alert Test1 "Certificate (.*) in file (.*) expired on (.*)" {
    email toaddress="validemailaddress@lab.com"
    fromaddress="anything@lab.com"
    body="A certificate has expired"
}
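Added example, not part of the original posts and not F5 code: an offline check of which alert definition in a user_alert.conf would fire for a given log message, useful for separating "the pattern does not match" from "mail is not being delivered". It assumes Python's `re` behaves like the alert matcher for these simple patterns; the helper names and the second and third sample lines are constructed for illustration.

```python
import re

# Alert definitions as posted in the thread (Test / Test1).
USER_ALERT_CONF = r'''
alert Test "Certificate (.*) in file (.*) will expire on (.*)" {
    email toaddress="validemailaddress@lab.com"
    fromaddress="anything@lab.com"
    body="A certificate is about to expire"
}
alert Test1 "Certificate (.*) in file (.*) expired on (.*)" {
    email toaddress="validemailaddress@lab.com"
    fromaddress="anything@lab.com"
    body="A certificate has expired"
}
'''

# Line 1 is the logger test message from the thread; lines 2 and 3 are constructed.
SAMPLE_LOGS = [
    "01420007:4: Certificate CN=www.com,L=Seattle,ST=WA,C=US in file "
    "/Common/site1.crt will expire on May 27 14:56:25 2014 GMT",
    "01420007:4: Certificate CN=old.example,C=US in file "
    "/Common/old.crt expired on Jan 1 00:00:00 2014 GMT",
    "Certificate check completed, nothing to report",
]

# alert <name> "<regex>" { ...actions... }
ALERT_RE = re.compile(r'alert\s+(\S+)\s+"((?:[^"\\]|\\.)*)"\s*\{(.*?)\}', re.S)
FIELD_RE = re.compile(r'(\w+)="([^"]*)"')

def parse_alerts(conf_text):
    """Return each alert's name, compiled pattern and email fields."""
    return [{"name": name,
             "regex": re.compile(pattern),
             "fields": dict(FIELD_RE.findall(body))}
            for name, pattern, body in ALERT_RE.findall(conf_text)]

def match_alerts(alerts, line):
    """List (alert name, recipient, captured groups) for every alert the line triggers."""
    return [(a["name"], a["fields"].get("toaddress"), m.groups())
            for a in alerts
            for m in [a["regex"].search(line)] if m]

if __name__ == "__main__":
    alerts = parse_alerts(USER_ALERT_CONF)
    for line in SAMPLE_LOGS:
        hits = match_alerts(alerts, line)
        print(line[:60], "->", [h[0] for h in hits] or "no alert matches")
```

If a message matches here but no mail arrives after the `logger` test, the alert pattern is not the cause and the mail path from the device is the next thing to check.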