Settings

Validation Errors

Select the type of errors you want this alert to trigger on.

Expired: Triggers when a certificate has expired or is about to expire. If this option is checked, the Cert Expiration Settings below will be used.
Revoked by CRL: Triggers when a channel/connector has CRL Revocation Checking enabled and encounters a certificate that has been revoked according to the CRL.
Revoked be OCSP: Triggers when a channel/connector has OCSP Revocation Checking enabled and encounters a certificate that has been revoked according to the OCSP provider.
DN Rejected: Triggers when a channel/connector has Subject DN Validation enabled and encounters a certificate that has been rejected due to an incorrect Subject DN.

Cert Expiration Settings

These settings are used when the Expired error type is enabled.

Time Until Expiration: The amount of time (for example, 7d) before a certificate expires to trigger the alert. Only valid down to a minute-level precision. If left blank, zero (0) will be assumed, meaning that the alert will trigger when the cert actually reaches its validity end date.
Re-trigger Interval: After the first certificate expiration trigger, the alert will trigger again periodically at this interval until the certificate has either been replaced or removed. Only valid down to a minute-level precision. If left blank, the alert will only trigger at most once for every time this alert is enabled.

Certificate DN Regex

This is an optional regular expression that can be used to filter which certificates cause the alert to trigger. You can use this to have an alert only trigger for a particular certificate, or all certificates with a particular Organizational Unit, and so on.

Settings

Recommendations

Apply Destination Connector SSL Settings

Apply Source Connector SSL Settings

Common Connector SSL Settings

SSL Certificate Validation