Asking for clarification on certificate expiration.
We have 2 ASM monitors and Verify certificate is checked (HTTPS monitors).
How early will we get certificate expiry emails (21 days, 10 days etc) telling that the certificate is going to expire ? Is this configurable ?
Here is the explanation from ASM Engineering:
"The first warning at 30 days before expiration got changed to 21 instead because of widespread use of Let's Encrypt. Using Let's Encrypt, the certificates are getting regenerated when they're <30 days before expiration so precisely at 30 days, Let's Encrypt users were getting unnecessary warnings.
So now it's 21, 14, 7, 3, 2, 1 + expired. This is not configurable.
When the certificate expires, the monitor itself starts failing ( it has the "verify certificate" checked on). The days to expire checks are done differently (not at monitor runs). That's also the reason why it's not configurable.
Release : SAAS
Component : CA APP SYNTHETIC MONITOR (WATCHMOUSE)
Per ASM Engineering, its not configurable