Configuring the EM Plug-in for SSL Certificates to monitor certificates in your organization

by bluemedora_editor on April 1, 2013

This specific post will cover the process of Manually Adding the SSL Certificates target and provides a guide to using the new target instance of the Oracle Enterprise Manager Plug-in for SSL Certificates available from Blue Medora. In order to configure the plug-in we need to import and deploy the plug-in on OEM, this is covered as part of our two part series. Part 1 covers importing the plug-in in an EM12c Software Library and Part 2 covers deploying the plugin to Management Servers (OMS) and Management Agents (OMA). The information posted here is intended to supplement, not replace, the online User Guide available on the Blue Medora product page. The demo environment these screen shots are captured from is an EM12c system running on a Windows 64-bit Server. This post assumes that you have already executed all the steps covered in Part 1 and Part 2 of Deploying Blue Medora Oracle EM Plug-ins Blog series.

Manually Adding the SSL Certificates target
  • From the EM12c Web UI, navigate to SetupAdd Target -> Add Targets Manually.

 

  • Select Add Non-Host Targets by Specifying Target Monitoring Properties. From the Target Type drop-down menu, select SSL certificate. Specify the desired OMA and click Add Manually.

 

  • Specify monitoring properties for the SSL Certificate target type. Click OK.
    • Target Name: name of the Plug In target type instance.
    • Directive File Path: specify the path of the SSL directive file on OMA server.

 

  • Next the ‘Add Target – Confirmation’ dialog box appears. It should indicate that SSL Certificate added successfully. Click Close to continue.

 

Now that we have successfully installed the plug-in. Below example demonstrates a monitoring scenario that shows SSL Certificate plugin when combined with EM incident actions provides alerts for scenarios such as expired or invalid SSL certificates. The following steps will show you how to use the SSL Certificate plug-in.
  • Navigate to the following path on OMA server C:\oracle\plugins\bm.em.ssl.agent.plugin_12.1.0.1.0\scripts
In this path, you will find ssl configuration ssl_directives_sample.csv file which is used to monitor websites.
  • Open the ssl_directives_sample.csv file and ADD the servers whose certificates you like to monitor and then Save the file.
Add entries that you need to monitor to this file using the below format. Fields are comma separated and commas are not supported within any field. Hostname and Port are the only required fields.
Format: hostname, port[,alias]
Example: mail.google.com,443,Gmail

 

  • From the EM12c Web UI, navigate to Targets-Add Target -> All Targets.

 

  • Click on the target name of the plug-in. This will take us to Demo SSL Agent. Here all the servers that are entered in the directives file are displayed.

 

  • Good way to utilize this information is by using OEM thresholds. We can set threshold by navigating to the path Remote SSL -> Monitoring -> Metrics and Collection Settings.

 

  • Next select ‘All Metric’ from the view drop down. For this example I have set the critical threshold for days_remaining to 90 days. Click on OK.

 

  • Confirmation screen provides the information on the update status. Click on OK.

 

  • Incident tickets are created for all the certificates with days_remaining < 90

 

  • Click on the incident ticket. Takes to window that displays information about ticket raised for mail.google.com server.

This completes the process of implementing SSL certificates plug-in to an EM12c OMS and OMA.Through the information provided in blog series you should be able to import, deploy and implement SSL Certificates plug-in available from Blue Medora and also perform some basic functionality.

Get started

Try BindPlane for free. No credit card required.

Sign up
True Visibility
BindPlane for VMware vRealize Operations

True Visibility allows cloud management teams to use VMware vRealize’s powerful machine learning and capacity planning engine across their entire hybrid cloud environment.

Azure Monitor...everything
BindPlane for Microsoft Azure Monitor

Make Azure Monitor your first-pane-of-glass across your entire multi-cloud, multi-database or hybrid platform environment.

Thank you for contacting us. Your information was received. We'll be in touch shortly.