ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

url_response generating alarm for expiration of certificate with wrong number of days / log shows error 302

book

Article ID: 224620

calendar_today

Updated On:

Products

DX Unified Infrastructure Management (Nimsoft / UIM)

Issue/Introduction

url_response probe version 4.46

We are getting an alarm from url_response for a website that says 15 days to expiration but when viewing the actual certificate on the webpage in a browser, it shows a much longer time period.

Cause

Redirection of URL

Environment

Release : 20.3

Component : UIM - URL_RESPONSE

Resolution

The url_response log will provide more insight.  For example:

  Sep 15 12:55:06:957 [8596] url_response: Using InternetConnect / HttpOpenRequest / HttpSendRequest to fetch https://mysite/
  Sep 15 12:55:07:103 [8596] url_response: Query Certificate Information Successfull
  Sep 15 12:55:07:103 [8596] url_response: [ProfileName] 444 days left for Expiry Of Certificate
  Sep 15 12:55:07:103 [8596] url_response: HttpQueryInfo returns 302 - The requested resource resides temporarily under a different URI (Uniform Resource Identifier).
  Sep 15 12:55:07:187 [8596] url_response: Query Certificate Information Successfull
  Sep 15 12:55:07:187 [8596] url_response: [ProfileName] 15 days left for Expiry Of Certificate
  Sep 15 12:55:07:195 [8596] url_response: [ProfileName] debug - MyGet (https://mysite/) returns 0

 

This shows that the HTTPS request is being temporarily redirected (error 302).

In this case it happened to be due to a Single-Sign-On (SSO) app which was being called, and the certificate on the SSO server was actually the one which was close to expiration.