SSL Certificate Test
All SSL web servers are configured with security certificates. During the SSL protocol handshake with clients, a server exchanges this certificate with the clients. An SSL certificate includes information about the server/domain to which the certificate is licensed, the issuing authority, and a validity period for the certificate. Beyond the validity period, the SSL certificate becomes invalid, and clients' SSL connections to the web server would fail. To avoid such a situation, it is essential that web server administrators are alerted in advance about the potential expiry of the SSL certificates on their web site. The SSL Certificate test monitors the validity period for SSL certificates of different web sites.
Target of the test : A Web server
Agent deploying the test : An internal agent
Outputs of the test : One set of results for every Target configured.
Parameter | Description |
---|---|
Test Period |
How often should the test be executed. |
Host |
The host for which the test is to be configured. |
Port |
The port at which the application listens. |
Timeout |
Provide the duration (in seconds) beyond which the test times out. |
Targets |
Provide a comma-separated list of {HostIP/Name}:{Port) pairs, which represent the web sites to be monitored. For example, 192.168.10.7:443,192.168.10.8:443. The test connects to each IP/port pair and checks for validity of the certificate associated with this target. One set of metrics is reported for each target. The descriptor represents the common name (CN) value of the SSL certificate |
Measurement | Description | Measurement Unit | Interpretation |
---|---|---|---|
SSL certificate validity |
Represents the validity of the SSL certificate in days. |
Days |
As this value approaches close to 0, an alert is generated to proactively inform the administrator that the SSL certificate is nearing expiry. A value of 0 indicates that the SSL certificate has expired. |