2 Replies Latest reply: Jan 2, 2012 4:23 AM by A.N RSS

    ASA certificate expire


      Hi ALL,



      we have ssl certificate from third party authority, it was expire.we got to know when it was already expire.


      Is there any way we get alert or any log . when in future new certicate expire we get mail or log or any alert.


      Please adivce any body have any idea about this






      Thanks & Regards


        • 1. Re: ASA certificate expire
          Paul Stewart  -  CCIE Security

          I don't see that a syslog message is generated for that particular scenario.  If the ASA is acting as a CA, it may generate the following:


          %ASA-1-717049: Local CA Server certificate is due to expire in number days and a replacement certificate is available for export.


          My recommendation is to set your own reminder when you obtain it from the Trusted Root Authority.  Typically, they remind you because they want your money.  My clients typically use an Outlook Calendar.  If you are in a more structured environment, schedule something in your trouble ticket system to open a ticket when necessary. 


          Honestly, that's not really the ASA's problem.  It will present a signed certificate containing the public key.  The clients simply see the signed certificate as having an expired date. 

          • 2. Re: ASA certificate expire

            thanks Paul. actually we are using third party certificate authority. So i think we have to keep reminder.if you find something in future.please let me know




            Thanks & Regarda