JohnnyJoker Posted February 28, 2022 Posted February 28, 2022 Hey there! When we try and add notifications for certificate expirations on internal certificates the status stays at "checking". Those certificates are from an internal Certificate Authority (Microsoft CA) and the websites in question can be opened correctly in a browser on the machine where we setup the notifications. Do you have any tips where and why this is failing or not completing the checks or where to get verbose/debug logs for this? Website monitoring the https:// where the certificates in question is setup works. Checking the validity of the certificate(s) behaves the same if configured on the local agent - on the machine where the certificate/site resides.
Jamie Taylor Posted March 2, 2022 Posted March 2, 2022 Hey @JohnnyJoker, I have raised a support ticket for your assistance. Our team will contact you shortly regarding this.
JohnnyJoker Posted March 2, 2022 Author Posted March 2, 2022 Hey Jamie, thanks for opening the ticket. Whilst detailing the case to the support agent, me and my colleague noticed - while doublechecking our setup and my description of it - that the common denominator of those certificates was that they had no "Subject" filled out and instead we were using "Subject Alternative Names" (SANs) which works fine in browsers but isn't checked by the agent. I've already re-issued one of the certificates with a "Subject" (CN=<DNS FQDN>) + SANs and the check now succeeds.
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now