cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Join Customer Connection to register!
167
Views
10
Helpful
1
Replies
snarayanaraju
Enthusiast

PKI Certificate Monitoring

Hello - What is the best industry practice to keep watching on the PKI Certificates in the Cisco Routers?

In my setup we have 500+ Routers with PKI based IPSEC tunnels. We want to proactively monitor these Certificates and take action before the expiry. 

I read about the PKI Expiry Alert based on SNMP / Syslog. Is there any other way we do to monitor the Certificates expiry dates?

 

regards,Sairam
1 REPLY 1
balaji.bandi
VIP Expert

the one you provided 1 option, otehr one make a central database and make it process.

 

get all Certificate information based on the device and add to some DB or EXCEL - write a any scripting keep checking that data and alerts group email by 90days of expirty / 60days of expirty / 30days of expirty, this give enough time for admin to take action and renew.

 

When renew add new updated date on excel or DB.

 



BB


*** Rate All Helpful Responses ***