We will continue our tour of the Blue Medora Agent for Remote SSL Certificates with a walkthrough of the agent in the TEP. In this post, we will consider a number of enterprise scenarios and use the agent to solve them. It is my hope that the information given here will help you to quickly begin taking advantage of the agent’s features in your ITM environment.

– Mike Major

Default Workspaces

Okay, let’s start with something easy. Consider this scenario: Your security administrator wishes to generate a weekly reminder list of all X.509 Certificates that will expire in the next 90 days. So, how can we get this information? Luckily, the agent comes with a workspace that will tell us what we need to know. Simply right click on “Certificate Status” and choose Workspace->Nearly Expired Certificates.

We now get a list of all certificates that will expire in the next 90 days, like below:

This would be a great time to take advantage of the agent’s TCR Reporting feature to generate a custom report for the data you have chosen (which we will cover in a later blog post). You can also export the data to a .csv file or .txt file. Just right click in the window and choose “Export…”

A dialogue will pop up asking for the file name and format to create or save to. You can also choose which rows and columns to export.

The resulting file looks like the one below:

This is a view of an exported text file. It is more visually pleasing for this demonstration, but a .csv could be easily imported to other software.

Custom Views

Now for something a little more tricky. Consider this scenario: To determine the budget for the upcoming year, the security administrator requires a report on the expiration date for all the X.509 Certificates in the enterprise. This can be accomplished by creating a custom Workspace View. From the “Certificate Status” Workspace, I will close the “SSL Certificates Results” view to make more room. Now, click the “Table” icon on the toolbar. It looks like this:

Now click anywhere inside the View area that we are changing:

Now, right click inside the View area and choose Properties…

The first thing you might notice is that we are currently viewing a Certificate Status Summary. Under the “Query” tab, click Click here to assign a query:

Now, switch the query to “Remote Certificates” located under “KB4 REMOTE CERTIFICATES.” Then click OK:

Since we are interested in all certificates that will expire this year, we now need to change the filters. Click the “Filters” tab and scroll over until you see “Days until Certificate Expires.” Clicking the box will allow you to edit the current formula. Change the equality to Less than or equal:

Change the value to 365 and click OK. You can also decide which columns you would like to appear in the new view. For this example, I have selected to show the Alias, Host, Port, Days until Certificate Expires and Certificate Expiration Date:

Now let’s take a look at our new View:

Again, this would be a good time to use TCR Reporting or exporting the data to a file.

Situations and Expert Help

Consider this scenario: You are a small company with a new product about to launch. You do not want to lose possible sales due to problems with your X.509 Certificates. You wish to be notified as soon as a problem pops up.

You’re in luck! By default, the agent comes configured to autostart situations for when a certificate is close to expiring or already expired. However, what if you aren’t interesting in viewing certificates that will expire in 90 days (the default value), but 30 days instead?

You can edit the default situations by clicking on the “Situation Editor” on the toolbar. The icon looks like this:

In the situation editor, choose the situation you would like to edit. In our case, we will be editing the “KB4_SSL_Cert_Near_Expiration” situation under “Remote SSL Certificates”. Just change the formula to 30 days instead of 90 and click OK:

To start or stop a situation, right click the instance name and click Manage Situations:

Then, right click the situation and choose the appropriate action. Notice that you can also edit a specific situation from this screen:

You can view any current situations by mousing over the icon on the instance name:

If you need some help in solving the situation, click the link icon next to it to open the expert help panel in the bottom right portion of the TEP:

Well, that’s it for now. I hope these scenarios have given you a good idea of the power behind the Blue Medora Agent for Remote SSL Certificates. As always, if you have any questions regarding this post, the Remote SSL Certificates Agent or anything else related to Blue Medora ITM Agents, feel free to drop me a line directly at: mike.major@bluemedora.com