Traps

When a security certificate is installed locally on the Oracle Communications Core Session Manager, you can poll the expiration of the certificate using the apSecurityCertificateTable.

You can configure the OCCSM to generate the apSecurityCertExpiredNotification trap once a certificate has expired. The number of minutes between notifications sent is configured in the security-config parameter local-cert-exp-trap-int.

To send a warning of expiration, you can set the security-config parameter local-cert-exp-warn-period to the number of days before the locally installed certificate expires in which you would like a warning. The number of minutes between notifications sent is configured in the security-config parameter local-cert-exp-trap-int.

Alarms

The OCCSM also generates an alarm when the certificate of a tls-profile is about to expire or has expired. The value of local-cert-exp-warn-period determines the number of days before a certificate expires in which the OCCSM generates a warning alarm.

When the certificate is about to expire:

ORACLE# display-alarms
1 alarms to show
ID      Task    Severity        First Occurred          Last Occurred
327731  3386    6       2019-01-29 21:47:55     2019-01-29 21:47:55
Count   Description
1       Certificate: tempCert expiring on Jan 30 20:58:29 2019 GMT,

done
ORACLE#

When the certificate has expired:

ORACLE# display-alarms
1 alarms to show
ID      Task    Severity        First Occurred          Last Occurred
327730  3386    6       2019-02-01 16:20:45     2019-02-01 16:20:45
Count   Description
1       Certificate: tempCert expired on Jan 30 20:58:29 2019 GMT,

done
ORACLE#