HTTP Certificate Expiry Date location

Hi @johnw66 ,

I’m not sure if the HTTP certification is stored in anywhere in the database but it is included in the Application Monitoring Metrics Command Line Interface.

CLI monitoring interface facilitates all metricises setup in as Application Monitoring queries as well as much more about IFS middleware including HTTP certificate expiration.

More details about CLI interface can be found in following section of the technical documentation.

Whenever we renew our cert, I set an Outlook reminder a month in advance of its expiration date.

I found a PowerShell solution to check this for a farm of servers. (I lightly modified it.)

https://stackoverflow.com/questions/39253055/powershell-script-to-get-certificate-expiry-for-a-website-remotely-for-multiple

$minimumCertAgeDays = 30
$timeoutMilliseconds = 10000
# $urls = get-content .\check-urls.txt
$urls = @()
$urls += 'https://docs.ifs.com/techdocs/'
$urls += 'https://www.ifs.com/us/'
$urls += 'https://community.ifs.com/'

#disabling the cert validation check. This is what makes this whole thing work with invalid certs...
[Net.ServicePointManager]::ServerCertificateValidationCallback = {$true}

ForEach ($url in $urls)
{
    Write-Host "Checking $url" -f Green
    $req = [Net.HttpWebRequest]::Create($url)
    $req.Timeout = $timeoutMilliseconds
    $req.AllowAutoRedirect = $false
    try {
        $req.GetResponse() | Out-Null
    } Catch {
        Write-Host "Exception While checking URL $url`: $_ " -f Red
    }
    $certExpiresOnString = $req.ServicePoint.Certificate.GetExpirationDateString()
    #Write-Host "Certificate expires on (string): $certExpiresOnString"
    [DateTime] $expiration = [System.DateTime]::Parse($req.ServicePoint.Certificate.GetExpirationDateString())
    #Write-Host "Certificate expires on (datetime): $expiration"
    [Int] $certExpiresIn = ($expiration - $(get-date)).Days
    $certName = $req.ServicePoint.Certificate.GetName()
    $certPublicKeyString = $req.ServicePoint.Certificate.GetPublicKeyString()
    $certSerialNumber = $req.ServicePoint.Certificate.GetSerialNumberString()
    $certThumbprint = $req.ServicePoint.Certificate.GetCertHashString()
    $certEffectiveDate = $req.ServicePoint.Certificate.GetEffectiveDateString()
    $certIssuer = $req.ServicePoint.Certificate.GetIssuerName()
    If ($certExpiresIn -gt $minimumCertAgeDays)
    {
        Write-Host "Cert for site $url expires in $certExpiresIn days [on $expiration]" -f Green
    }
    Else
    {
        Write-Host "WARNING: Cert for site $url expires in $certExpiresIn days [on $expiration]" -f Red
        Write-Host "Threshold is $minimumCertAgeDays days. Check details:`nCert name: $certName" -f Red
        Write-Host "Cert public key: $certPublicKeyString" -f Red
        Write-Host "Cert serial number: $certSerialNumber`nCert thumbprint: $certThumbprint`nCert effective date: $certEffectiveDate`nCert issuer: $certIssuer" -f Red
    }
    Write-Host
    Remove-Variable req
    Remove-Variable expiration
    Remove-Variable certExpiresIn
}