cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Get certificate lifetime as a metric

Steffen
Visitor

Dear all,

after Dynatrace extended the synthetic monitoring with a SSL certificate checker we would like to perform our certificate checks based on this feature. Somehow i am not able to get the lifetime of the metric as a Info metric - it is only reported if an error occours. Did somebody were able to get the certificate lifetime shown all the time (e.g. as a metric)? 

Thanks!

5 REPLIES 5

r_weber
Pro

Hi @Steffen ,

I think the certificate lifetime as a metric isn't that useful. All you would see is a constantly linear decreasing value down to (eventually) zero or your threshold. Or can you think of another usecase other than displaying this decrease as chart?

If you really need this you can check out my advanced certificate check plugin which I built before this support was available in Dynatrace. It should be fairly easy to report the certificate lifetime as metric as well...though as said I doubt is practical usecase.

Also keep in mind that usually you do not need to check the certificate validity every minute and report a metric for that. For this reason my plugin has an option to e.g. only check the certificate every 6 ours or more. That is usually enough since certificates are rather long lived. I do not think you need to check this with every execution of a monitor.

 

Reinhard

 

Certified Dynatrace Master, Dynatrace Partner - 360Performance.net

Fantastic work on the advanced certificate check plug for the ActiveGate.   We use it extensively, over 1200 checks (yes, unfortunate for the 100 limit but we manage).

 

Certificates are centrally monitored but still it is the responsibility of the application teams to keep them updated.  They would like to actually put the Day's until expire on their application dashboards, then use PowerUp to change the color of the number as the expiration date approaches.  

 

Yes, the alerts work well, but they prefer to have constant visual of days until. Even if it updates every 24 hours.

Hi @ct_27 ,

reporting the days until expire as metric is not a big deal. I might add it as an option.

Happy to discuss this further here.

There are a few considerations to take, e.g. reporting as part of a custom device or just as custom metric. Happy to take further input!

Certified Dynatrace Master, Dynatrace Partner - 360Performance.net

Hi @ct_27 & @Steffen ,

 

I've added an option to report the certificate lifetime as metric back to Dynatrace. You can use the latest plugin version 1.9 and you will get a metric with the certificate expiry date per checked host.

Certified Dynatrace Master, Dynatrace Partner - 360Performance.net

Thank you, I'm scheduled with our Admin to update the extension on Thursday. Will let you know how it goes.  You're solution to the issue is very logical by making it a toggle. This gives us some flexibility in controlling the potential DDU costs which obviously we can't avoid due to demand for the metric but we can at least control.