Layer 7 API Management

Expand all | Collapse all

Is there a way to manage/notify for expiring private keys on CA API Gateway. I found a sample policy for trusted certs but nothing for private keys management.

Jump to Best Answer
  • 1.  Is there a way to manage/notify for expiring private keys on CA API Gateway. I found a sample policy for trusted certs but nothing for private keys management.

    Posted 12-20-2016 10:06 AM

    Hi all,

     

    I am trying to find a mechanism/assertion/custom policy which can help me track the private keys tied up to different ports on CA api gateway product.

    Like trusted root certificates, I want to track the expiry date for them and if possible generate email alert.

    There is one article which shows sample policy to generate alert for expired Trusted Root Certificates, but I found nothing for private keys i.e. client certificates.

    Please assist. Thanks !



  • 2.  Re: Is there a way to manage/notify for expiring private keys on CA API Gateway. I found a sample policy for trusted certs but nothing for private keys management.
    Best Answer

    Posted 12-21-2016 01:52 PM

    Anuj,

     

    Good afternoon. Currently they is not a mechanism that will alert when a private key is set to expire as the trusted certificates will do. One recommendation we have made was to import the public key for the private key into the Manage Certificate and not give it any options so it is simply being monitored. Please create an idea for this behavior.

     

    Sincerely,

     

    Stephen Hughes

    Director, CA Support