The certExpiryCheck
feature checks for expired certificates, trust anchor validity, and if certificates have been revoked if OSCP is enabled. The following Certificate Expiry Check parameters are configurable:
certReCheckRate
, is configurable from every 8 hours up to every 30 days in increments of 1 hour. The default value is once per 24-hour period.The expiration periodic warning parameter, expirationPeriodicWarning
, is configurable between 3 to 14 days , and represents the frequency for sending periodic warning reminders once the expiryWarningThreshold
has been met. The default value is 7 days. Select 'disable' to turn off this feature.
expiryWarningThreshold
, is configurable between 30 to 90 days , and represents the number of days prior to a certificate expiration date on which to generate an expiry warning message. The default value is 60 days. Select 'disable' to turn off this feature....
Code Block | ||
---|---|---|
| ||
% set system security certExpiryCheck certReCheckRate <8-720 hours> expirationPeriodicWarning <3-14 days> expiryWarningThreshold <30-90 days> % show system security certExpiryCheck |
...
...
Parameter | Length/Range | Description | ||||
---|---|---|---|---|---|---|
certReCheckRate | disable, or 8-720 hours | The interval, in hours, for
| ||||
expirationPeriodicWarning | disable, or 3-14 days (in increments of 1 day) | The frequency, in days, for sending periodic warning reminders once the | ||||
| disable, or 30-90 days | The number of days |
...
before a certificate expiration date on which to generate an expiry warning message. Select 'disable' to turn off this feature. (default = 60) |
...