cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

SSL key expiration date

mpc_support_csb
Contributor

Hi Team, Is there a way to find SSL key expiration date for the applications which are already instrumented in DCRUM from CAS console.

5 REPLIES 5

adam_piotrowicz
Dynatrace Pro
Dynatrace Pro

Nothing like this exists in DC RUM, but please take a look at free online tool like SSL Ping that could monitor your SSL certificate expiration date on the web server.

Is the SSL key expiration kept the in DB so that we are able to script to detect via the alert function ?

No it's not in any DB, but after deeper look I can see that on classic AMD this information is present. Try to execute:

 rcmd show ssldecr certs | grep -e "Subject:" -e "Not After"

This should give you the necessary info that you should process then with Linux tools to get it somewhere out ...

Thanks a lot

chris_v
Dynatrace Pro
Dynatrace Pro

Technically, the private keys DCRUM holds do not expire (which is why we can't report this), it's the public certificate that has an expiry date on it.

Again technically a new certificate could be issued with the same private key - it's poor practice to do so.