- How can i set up reporting for certificates that are about to expire?

- How can I monitor certificates backing identities in the ID providers?

Release : 10.1

Component : API GATEWAY

Docs link for alerts for certificate expiration notification:

https://techdocs.broadcom.com/us/en/ca-enterprise-software/layer7-api-management/api-gateway/10-1/security-configuration-in-policy-manager/tasks-menu-security-options/manage-certificates.html

OR

Policy attached that reports includes the repository name. Certificate name and expires data timeframe within 30 days  (note if it’s in the manage certificates area it till be in the “Trusted Certificate” store

THESE CERTS WILL EXPIRE IN 30 DAYS
Repository Name: Provider:Internal Identity Provider | Name: Test1 |  Expires:2023-05-26T15:43:58.000Z
Repository Name: Provider:Internal Identity Provider | Name: Test2 |  Expires:2023-05-26T15:43:58.000Z
Repository Name: Provider:X509Cert | Name: Test3 |  Expires:2023-04-15T17:41:27.000Z
Repository Name: Provider:X509Cert | Name: Test4 |  Expires:2023-05-26T15:43:58.000Z
Repository Name: Trusted Certificate | Name: <hostName> |  Expires:2023-04-22T00:22:10.000Z
Repository Name: Trusted Certificate | Name: <domainName> |  Expires:2022-06-09T23:59:59.000Z

Require to create JDBC connection to the the master SSG DB 

JDBC connection to SSG DB 

Policy Manager -> Tasks -> Manager JDBC connections -> Add 

Create a object call localhost 

Need to add info to connect to the  SSG master DB (localhost or for cluster setups FQDN)

TEST to make sure it works

Service endpoint to access 

Create new Publish Web API

Provide endpoint URI  i.e. /certexpire

Click “Import Policy”  on the top right of the new service and import the attached certexpire.xml

Click :Save and Activate” after import 

Access endpoint https://<gatewayhost>:8443/certexpire