DO NOT SHARE THESE DOCS WITH CUSTOMERS!

This is an LA release that will only be provided to a select number of PLM-sanctioned customers (PDFs only). Contact PLM for details.

Type: MAJOR

Object ID1.3.6.1.4.1.2879.2.8.1.2.1.12.0.21

Description

This alarm indicates that the certificate mentioned will expire in the specified number of days.

Based on the configuration, set system security certExpiryCheck expiryWarningThreshold 30 expirationPeriodicWarning 3 certReCheckRate 24, the following actions are performed on a daily basis:

  1. Get the expiry time of the certificate.
  2. Get the current time.
  3. Determine the number of days difference.
    1. If the difference in days is equal to threshold (for example, 30) then generate alarm. Otherwise, 
    2. If the difference is less than the threshold then if it is a multiplier of the periodic warning rate (for example, 3 that is 27 days, 24 days) then generate alarm. Otherwise, 

    3. Generate info level log – for example, 'certificate <certname>remote is <X> days away from expiration'. That is, the alarm is triggered when either 30 days is remaining, or on multiple of 3 days. For example, 27 days left, 24 days left, 21 days left.

Note: Once the certificate is past its expiry date, the alarm is generated on a daily basis until it is replaced or disabled. 

Repetition

Yes. See the description above for details.

Event Codes

  • sonusAlarmNodeID
  • sonusAlarmLevel
  • sonusAlarmSequenceId
  • sonusAlarmTime
  • sonusAlarmDescription
  • sonusSecurityCertName
  • sonusSecurityCertExpiryDaysLeft

Instance Fields

  • sonusSecurityCertName
  • sonusSecurityCertExpiryDaysLeft

Action

Replace the certificate to avoid call processing impact. If the certificate is no longer required, disable it to stop the alarm from being generated.

Impact

May impact call processing if the certificate is required to create secure connections.

Clearing

Manual