TLS Certificate Expiry Alarm

acCertificateExpiryAlarm

Alarm	acCertificateExpiryAlarm
OID	1.3.6.1.4.1.5003.9.10.1.21.2.0.128
Description	The alarm is sent to indicate that the installed TLS certificate belonging to a configured TLS Context is about to expire (which cannot be renewed automatically) or has expired. Note: In addition to the ID of the TLS Context, the alarm's description includes the certificate's Common Name (CN). However, if the certificate doesn't contain a CN, the first subject alternative name (SAN) is included in the description. If a SAN also doesn't exist, "" is included in the description.
Default Severity	Minor
Source Varbind Text	Board#1/CertificateExpiry#X
Event Type	communicationsAlarm
Probable Cause	communicationsSubsystemFailure
Severity	Condition	Text	Corrective Action
Minor	The certificate is about to expire. This alarm is sent a user-defined number of days (TLSExpiryCheckStart) before expiration date.	"The certificate of TLS Context <ID> (CN=<Common Name>) will expire in <number> days"	Upload a new certificate to the device before the expiration of the installed certificate (which cannot be renewed automatically). To replace certificates, refer to the User's Manual.
Major	The certificate is about to expire. This alarm is sent a week as well as a day before expiration date.	"The certificate of TLS Context <ID> (CN=<Common Name>) will expire in less than a week" - Or - "The TLS certificate of TLS Context <ID> (CN=<Common Name>) will expire in a day" - Or - "The TLS certificate of TLS Context <ID> (CN=<Common Name>) will expire in less than a day"
Critical	The certificate has expired.	"The certificate of TLS Context <ID> (CN=<Common Name>) has expired <number> days ago"	Upload a new certificate to the device before the expiration of the installed certificate (which cannot be renewed automatically). To replace certificates, refer to the User's Manual.
Cleared	A new certificate is installed.	-