5.2.22.3 SEPPX509CertificateExpiryAlertMinor

Table 5-104 SEPPX509CertificateExpiryAlertMinor

Field Details
Trigger Condition When TLS certificate is valid for only 6 months before expiration.
Severity Minor
Alert details provided
Summery: 
Certificate expiry in less than 6 months
Expression: 
security_cert_x509_expiration_seconds{namespace="sepp-namespace"} - time() <= 15724800
OID 1.3.6.1.4.1.323.5.3.46.1.2.4045
Metric used security_cert_x509_expiration_seconds
Resolution Only after certificates have been updated, this alert will be removed.
Possible resolutions:
  1. If SSLHandshakeException or SSLException error is observed, verify that both the server and client have one common TLS version supported.
  2. If a common TLS version is supported, then check if both the client and server have compatible cipher suites.
  3. Also, ensure that CA certificate of server must be present inside client's truststore.
  4. For more details, refer 'Support for TLS 1.3' section in Oracle Communications Cloud Native Core, Security Edge Protection Proxy Troubleshooting Guide.