Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
610
Views
10
Helpful
1
Replies

PKI Certificate Monitoring

snarayanaraju
Level 4
Level 4

‎01-22-2021 03:13 AM

Hello - What is the best industry practice to keep watching on the PKI Certificates in the Cisco Routers?

In my setup we have 500+ Routers with PKI based IPSEC tunnels. We want to proactively monitor these Certificates and take action before the expiry. 

I read about the PKI Expiry Alert based on SNMP / Syslog. Is there any other way we do to monitor the Certificates expiry dates?

 

regards,Sairam
Labels:
1 Reply 1

balaji.bandi
Hall of Fame
Hall of Fame

‎01-22-2021 03:20 AM

the one you provided 1 option, otehr one make a central database and make it process.

 

get all Certificate information based on the device and add to some DB or EXCEL - write a any scripting keep checking that data and alerts group email by 90days of expirty / 60days of expirty / 30days of expirty, this give enough time for admin to take action and renew.

 

When renew add new updated date on excel or DB.

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card