DX Application Performance Management

  • 1.  Any way for ASM to monitor for expiration of self-signed certificates?

    Posted Mar 20, 2018 12:25 PM

    Is there any way for ASM to monitor for expiry for self-signed certificates ? As far as I can see, any self-signed cert will fail the basic check.

     

    Thanks,

     

    Rick



  • 2.  Re: Any way for ASM to monitor for expiration of self-signed certificates?
    Best Answer

    Broadcom Employee
    Posted Mar 20, 2018 02:18 PM

    Hi Rick,

     

    Certificate expiration is checked only when 'Verify Certificate' is enabled in HTTPS monitor settings.  So the expiration can't be checked independently.  Self-signed certificate is then treated as untrusted with the 'Verify Certificate' enabled.

     

    Regards,
    Matt

     



  • 3.  Re: Any way for ASM to monitor for expiration of self-signed certificates?

    Posted Mar 22, 2018 05:27 PM

    Hi Matt,

     

    Yeah, that's the behavior I see. Do you think CA would entertain an enhancement to allow checking of self-signed certs for expiration only ?

     

    Rick