One of the things I am being ask if it is possible would be to monitor the health of certificates on Linux machines with SCOM 2016. I have not yet installed SCOM on any LINUX so I have no clue if it is possible and I am not finding much out there on the web.
3 Likes
Hi,
just an idea that should work.
- Make a shell script that can test the certificate. - openssl can help with that: https://unix.stackexchange.com/questions/16226/how-can-i-verify-ssl-certificates-on-the-command-line
- Create a monitor that that runs the shell script: https://www.stefanroth.net/2012/10/21/scom-2012-linux-two-state-monitor-with-script-in-script/
Hope it helps.
Ruben
3 Likes
We have started to look at an approach where we have a “certificate-machine”. Our Linuxmachines dumps there certificates (without private key) to a folder and via powershell we import and replaces those that are updated. Under description for the cert we add info on where to find that certificate on the Linux environment.