5.2.22.4 SEPPX509CertificateExpiryAlertMajor

Table 5-105 SEPPX509CertificateExpiryAlertMajor

Field Details
Trigger Condition When TLS certificate is valid for only 3 months before expiration.
Severity Major
Alert details provided
Summery: 
Certificate expiry in less than 3 months
Expression: 
security_cert_x509_expiration_seconds{namespace="sepp-namespace"} - time() <= 7862400
OID 1.3.6.1.4.1.323.5.3.46.1.2.4046
Metric used security_cert_x509_expiration_seconds
Resolution Only after certificates have been updated, this alert will be removed.
Possible resolutions:
  1. If SSLHandshakeException or SSLException error is observed, verify that both the server and client have one common TLS version supported.
  2. If a common TLS version is supported, then check if both the client and server have compatible cipher suites.
  3. Also, ensure that CA certificate of server must be present inside client's truststore.
  4. For more details, refer 'Support for TLS 1.3' section in Oracle Communications Cloud Native Core, Security Edge Protection Proxy Troubleshooting Guide.