Check the expiration date of internal certificates or CAs

You can check the status of internal certificates used in system communications and the status of the internal certificate authority that automatically signs the internal certificates.

For more details about the product and how to configure features, click Help or press F1.

Steps

  1. Select Configuration, then browse to Administration.
  2. Browse to Certificates > Internal Certificates or Certificates > Certificate Authorities > Internal Certificate Authorities.
  3. Check the Expiration Date column.
    Tip: To view detailed information, right-click a certificate or Internal Certificate Authority element, then select Properties.

Internal Certificate Properties dialog box

Use this dialog box to view the details of an Internal Certificate.

Option Definition
General tab
Name The name of the element.
Signature Algorithm The signature algorithm that was used to sign the certificate.
Valid From The start date of certificate validity.
Valid To The end date of certificate validity.
Subject Name The identifier of the certified entity.
Fingerprint (SHA-1) The certificate fingerprint using the SHA-1 algorithm.
Fingerprint (SHA-256) The certificate fingerprint using the SHA-256 algorithm.
Fingerprint (SHA-512) The certificate fingerprint using the SHA-512 algorithm.
Status
  • Ready to Use — A new internal certificate authority has been created and signs only Management Server certificates.
  • Active — All Secure SD-WAN Manager components use certificates signed by this internal certificate authority.

    When there are multiple Management Servers, all Management Servers are using the new internal certificate authority.

  • Renewal Started — This is a new internal certificate authority that the Secure SD-WAN Manager has created automatically. The process of renewing internal certificates for the Secure SD-WAN Manager components has begun.
  • Expires Soon — A new internal certificate authority has been created but some components might still use certificates signed by this internal certificate authority.
  • Inactive — This internal certificate authority has expired or no Secure SD-WAN Manager component uses a certificate signed by this internal certificate authority.
Option Definition
Certificate tab
Certificate text area The contents of the certificate.
Export Exports the certificate text.
Import Opens a file browser to import a certificate file.

Internal Certificate Authority Properties dialog box

Use this dialog box to view the details of an Internal Certificate Authority element or to export the certificate of an internal certificate authority.

Option Definition
General tab
Name The name of the element.
Subject Name The identifier of the certified entity.
Public Key Algorithm The algorithm used for the public key.
Key Length The length of the key in bits.
Serial Number The sequence number of the certificate. The number is issued by the CA.
Signature Algorithm The signature algorithm that was used to sign the certificate.
Signed By The CA that signed the certificate.
SubjectAltName The subject alternative name fields of the certificate.
Valid From The start date of certificate validity.
Valid To The end date of certificate validity.
Fingerprint (SHA-1) The certificate fingerprint using the SHA-1 algorithm.
Fingerprint (SHA-256) The certificate fingerprint using the SHA-256 algorithm.
Fingerprint (SHA-512) The certificate fingerprint using the SHA-512 algorithm.
Status The status of the internal certificate authority.
Option Definition
Certificate tab
Certificate text area The contents of the certificate.
Export Exports the certificate text.
Import Opens a file browser to import a certificate file.