Certificate management - External vs Self signed

ashi2
Tera Contributor

Hey Experts,

This is regarding Certificate Inventory management. I am trying to create an Incident through Event Management. However, when I am getting events, there is no distinguishing filter to determine if that certificate is self-signed or external. The consultants are suggesting scripting to determine whether it is self-signed or external. However, I am wondering whether this information should be there in the certificates that Discovery should discover in the first place. Please suggest the best way to avoid this scripting. Thank you!!! (The concealed part is an alphanumeric fingerprint.)


1 ACCEPTED SOLUTION

Hi Ashi,

This should do the trick - copied the ootb Create Incident flow, and added a "Look Up Records" action to find a certificate which matches the sysid of the CI on the alert and is self-signed. 

The if condition on the next step checks if the Count returned by the Look Up Records action is greater than 0. If yes, then it means the certificate was found and it is a self-signed cert, so the flow is stopped. 


8 REPLIES

ashi2
Tera Contributor
Thank you Adz! You were extremely helpful. I also tried the OOB certification event management subflow. But I use this flow way too much, so let me try this too. But thank you, I didn’t think via sys id.

I believe the table you're looking for is Unique Certificate [cmdb_ci_certificate]. The Is Self-Signed attribute can be found there.

ashi2
Tera Contributor

Thank you so much Adz! This seems to me the right approach. Appreciate you taking the time to explain with screenshots.