Expiration Check for Private Certificates
Rule Details
|
Parameter |
Description |
|---|---|
|
Rule Name |
pca-certificate-expiration-check |
|
Identifier |
Expiration Check for Private Certificates |
|
Description |
If the validity period of a private certificate is not within the specified range, this certificate is non-compliant. |
|
Tag |
pca |
|
Trigger Type |
Periodic |
|
Filter Type |
pca.cert |
|
Rule Parameters |
daysToExpiration: indicates a validity period. This is an integer type parameter. |
Application Scenarios
Private certificates are deployed on service nodes and are frequently used for encrypted communication. To prevent private key leakage, the validity period of private certificates is set based on the security level requirements of service scenarios. If a private certificate expires, service communication will be interrupted.
Solution
Rotate your private certificate, or renew the private certificate in the Billing Center.
Rule Logic
- If a private certificate will expire within the specified period, this policy is non-compliant.
- If a private certificate will not expire within the specified period, this policy is compliant.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
