hanhaka
commented
7 years ago Agreed that work on this issue can be started (in Working Group meeting on 6th of April, 2017).
Closed hanhaka closed 6 years ago
hanhaka
commented
7 years ago Agreed that work on this issue can be started (in Working Group meeting on 6th of April, 2017).
hanhaka
commented
6 years ago Fixed in 6.16.0, https://github.com/ria-ee/X-Road/pull/61
Affected components: ENV Monitoring Affected documentation: Monitoring-architecture.md Estimated delivery: Q2/2017 External reference: https://jira.csc.fi/browse/PVAYLADEV-746
Problem It would be extremely useful if X-Road central administration personnel could check somehow the expiration dates of auth and sign certificates of a organization joined to X-Road instance (Estonian X-Tee or Finnish Palveluväylä). By seeing and validating the organization's certificates expiration dates makes possible to avoid service break situations due to expired certificates.
Environmental (ENV) Monitoring component can collect the information about the certificate expiration dates from a Security Server and send the data to central environment when requested.
To make the above possible, a new ENV monitoring related sensor is implemented. The sensor digs out the expiration dates of auth and sign certificates and includes this information to be a part of Security Server ENV monitoring metrics. Note! As there is no currently possible to identify the organization of interest, the expiration dates of sign certificate of all organizations in the Security Server are included to data metrics set. In the future it should be possible to identify the organization whose expiration date of sign certificate is interested.
The new sensor must be configurable so that the update interval of data (= how often sensor checks the expiration dates) is defined by a setting (parameter?) of a Security Server. Default value is set to 24h.
Acceptance criteria