Jump to content

Monitoring of internal Certificates stays at "checking"


Recommended Posts

Posted

Hey there!

When we try and add notifications for certificate expirations on internal certificates the status stays at "checking".
Those certificates are from an internal Certificate Authority (Microsoft CA) and the websites in question can be opened correctly in a browser on the machine where we setup the notifications.

Do you have any tips where and why this is failing or not completing the checks or where to get verbose/debug logs for this?

Website monitoring the https:// where the certificates in question is setup works.
Checking the validity of the certificate(s) behaves the same if configured on the local agent - on the machine where the certificate/site resides.

 

image.png.63c324525751ef15121c86eaec2dc9d3.png

Posted

Hey Jamie,

thanks for opening the ticket.


Whilst detailing the case to the support agent, me and my colleague noticed - while doublechecking our setup and my description of it - that the common denominator of those certificates was that they had no "Subject" filled out and instead we were using "Subject Alternative Names" (SANs) which works fine in browsers but isn't checked by the agent.

I've already re-issued one of the certificates with a "Subject" (CN=<DNS FQDN>) + SANs and the check now succeeds.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...