Layer7 API Management

We would like to monitor the expiration date of all the certificates we have the API Gateway's trust store so we can proactively update/replace them before they do expire. We know the API logs warnings every 12 hours if certificates are about to expire, but that's not always practical. We know we can list all certificates in the trust Store using the RESTMAN API, but then we would have to develop something to parse that data, extract the expiration date for each certificate and send a notification somewhere.

Since this is probably a very common requirement, we were wondering if anyone in the community had done this before and if so, if they would be willing to share it?

We are using CA API Gateway 9.1.

Thanks!

Hi Yanick,

You may find this article useful in setting up email alerts for certificate expiration.

Generating email alerts for expiring trusted certificates 

Regards,

Joe

Thanks Joe! That could indeed be useful, but I'm not clear on how to use the Audit Sink Policy. Do you have any details on the implementation part? Where to I paste the example attachment?

The sample can be imported to the audit sink policy. We have some great information here that will give some more background on what this is and how it can be configured. Hope this helps.

Working with the Audit Sink Policy - CA API Gateway - 9.2 - CA Technologies Documentation 

Thanks! I will look this up. I think it would definitely be the solution to our need.