Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
940
Views
0
Helpful
5
Replies

Certificate Experiation alerts -ANM 4.1

nygenxny123
Level 1
Level 1

‎05-31-2011 10:05 AM

I am trying to configure  these so we get alerted via email

Under certificates i click "configure cert expiry threshhold alarms"

and that takes me to teh Alarm Notifciation Tab

but under threshold setting..i see nothing for cert experiation notification or cert experiation in general

How are these configured??

Labels:
0 Helpful
5 Replies 5

Daniel Arrondo Ostiz
Cisco Employee
Cisco Employee

‎06-01-2011 12:31 AM

Good morning,

To see the certificate expiration alarm options, the device type selected needs to be either "ACE VC" or "ACE 4710 VC" because this kind of alarm is done on a per-context basis.

See the attached screenshot for more details

Regards

Daniel

Preview file
126 KB
0 Helpful

nygenxny123
Level 1
Level 1
In response to Daniel Arrondo Ostiz

‎06-01-2011 08:50 AM

thank you...

I have added each context that contains certificates

Threshold settings

ACE VC-

category-ssl cert exp (in days)

Assert on value (30)

Clear on value (31)

notify when clear -checked

severity-info

I have added the various emails accounts to be notified

I placed nothing in traps...........


however i am still not getting notified

under settings > smtp configuration>

I have added the ip address of the mail server

our mail servers use the standard port for smtp configuration.................however i am not recieving

any alerts..........we have a number of certs that are under the 30 day limit

also what is the difference between ACE 4710 VC and ACE VC

we have both the 4710's and the modular card ACE--would I need different threshold configurations for each one?

0 Helpful

Daniel Arrondo Ostiz
Cisco Employee
Cisco Employee
In response to nygenxny123

‎06-02-2011 04:03 AM

Hi

The alarm is triggered the moment the threshold is breached, so, it will only be generated for those certificates that reach the 30 day expiration threshold after the alarm has been configured.

If you want to verify it's working, I woud recommend you to choose one certificate, configure a threshold slightly higher than that certficate's expiration days and wait until the threshold is breached to see if the notification email is sent or not.

For your other question, ACE modules and ACE appliances are handled slightly differently by ANM, so, if you are using both, you will have to create two separate thresholds.

Regards

Daniel

0 Helpful

nygenxny123
Level 1
Level 1
In response to nygenxny123

‎06-02-2011 01:40 PM

Ok..i configued 3 different threshold groups

one for ACE 4710 VC

one for ACE VC

one with included both device types..ACE .4710 VC and ACE VC

all contexts were put under device selection and with an Assert on Value of 350

which would cover alot of certificates which are due to expire in a few months

still no alerts

any ideas?

0 Helpful

Daniel Arrondo Ostiz
Cisco Employee
Cisco Employee
In response to nygenxny123

‎06-03-2011 02:47 AM

Hi,

At this point, I think the best would be to open a TAC service request to have your issue investigated further.

To troubleshoot your issue, we will for sure need to get a lifeline from the ANM, so, you can already attach it to the case from the start to save some time.

Regards

Daniel

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card