MID Server cacerts file - is there a method to report on certificates and expiry dates

stevemac
Tera Guru

Hi,

We're having to deploy certificates into the MID Server agent's cacerts file and are looking for an effective way to:

  • record where we've installed them (Server and path)
  • Know when expiry is approaching
  • Usage / reason for deployment

Wondering...:

  • are there any methods / functions available on the MID server to query the cacerts file?
  • how others track where certs have been deployed / due to expire

Note: at present we are installing via powershell.  if necessary we will write a script to get the list of certs and then iterate through them to get expiry. 

I am unaware of a process to create a certificate entry on the instance for download / installation on the MID Server.  If this is possible - please share the details

thanks,

Steve

1 REPLY 1

stevemac
Tera Guru

FYI: I logged this with NOW Support and there isn't any OoTB functionality to report on certificate expiry dates for certificates in the cacerts file.  Will have to roll our own solution

FYI: also found out (the hard way) that not all user added content to the cacerts file is retained during a MID Server upgrade.  Now looking at an external key store