policy/protocols/ssl/expiring-certs.zeek
- SSL
Generate notices when X.509 certificates over SSL/TLS are expired or going to expire soon based on the date and time values stored within the certificate.
- Namespace
SSL
- Imports
base/files/x509, base/frameworks/notice, base/protocols/ssl, base/utils/directions-and-hosts.zeek
Summary
Runtime Options
The category of hosts you would like to be notified about which have certificates that are going to be expiring soon. |
|
The time before a certificate is going to expire that you would like
to start receiving |
Redefinitions
|
Detailed Interface
Runtime Options
- SSL::notify_certs_expiration
-
The category of hosts you would like to be notified about which have certificates that are going to be expiring soon. By default, these notices will be suppressed by the notice framework for 1 day after a particular certificate has had a notice generated. Choices are: LOCAL_HOSTS, REMOTE_HOSTS, ALL_HOSTS, NO_HOSTS
- SSL::notify_when_cert_expiring_in
-
The time before a certificate is going to expire that you would like to start receiving
SSL::Certificate_Expires_Soon
notices.