Expiration Check of Certificate Used for Authentication

Microsoft.SystemCenter.HealthService.CommunicationCertificateExpirationCheck (UnitMonitor)

This monitor checks the status of the certificate used for authentication and sends an alert when the certificate is about to expire.

Knowledge Base article:

Summary

The certificate used for authentication is about to expire. This certificate is used for certificate-based authentication from this Health Service to other Health Services.

This is the same certificate that was imported using the MOMCertImport.exe utility.

Once the certificate expires, the agent or management server will not be able to communicate with or report data to the management group.

Causes

The certificate is about to expire. After it has expired, the Health Service will be unable to authenticate to other Health Services.

Resolutions

Obtain a new certificate and import it using the MOMCertImport.exe utility.

Additional

For more information on importing certificates in Operations Manager, see Authentication and Data Encryption for Windows Computers in Operations Manager 2007 (http://go.microsoft.com/fwlink/?LinkID=161162).

For information about obtaining and importing a certificate by using an enterprise certification authority, see How to Obtain a Certificate Using Windows Server 2003 Enterprise CA in Operations Manager 2007 (http://go.microsoft.com/fwlink/?LinkId=100716).

For information about using a stand-alone certification authority, see How to Obtain a Certificate Using Windows Server 2003 Stand-Alone CA in Operations Manager 2007 (http://go.microsoft.com/fwlink/?LinkId=100717).

For information about using CertGenWizard.exe, an unsupported tool for requesting multiple certificates, see the blog post Obtaining Certificates for Non-Domain Joined Agents Made Easy With Certificate Generation Wizard (http://go.microsoft.com/fwlink/?LinkId=195439).

Element properties:

Target: Microsoft.SystemCenter.HealthService
Parent Monitor: System.Health.ConfigurationState
Category: ConfigurationHealth
Enabled: True
Alert Generate: True
Alert Severity: Warning
Alert Priority: High
Alert Auto Resolve: True
Monitor Type: Microsoft.Windows.2SingleEventLog2StateMonitorType
Remotable: True
Accessibility: Public
Alert Message:
  Health Service Authentication Certificate Expiration
  {0}
RunAs: Default

Source Code:

<UnitMonitor ID="Microsoft.SystemCenter.HealthService.CommunicationCertificateExpirationCheck" Accessibility="Public" Enabled="true" Target="SCLibrary!Microsoft.SystemCenter.HealthService" ParentMonitorID="Health!System.Health.ConfigurationState" Remotable="true" Priority="Normal" TypeID="Windows!Microsoft.Windows.2SingleEventLog2StateMonitorType" ConfirmDelivery="true">
  <Category>ConfigurationHealth</Category>
  <AlertSettings AlertMessage="Microsoft.SystemCenter.HealthService.CommunicationCertificateExpirationCheck_AlertMessageResourceID">
    <AlertOnState>Warning</AlertOnState>
    <AutoResolve>true</AutoResolve>
    <AlertPriority>High</AlertPriority>
    <AlertSeverity>Warning</AlertSeverity>
    <AlertParameters>
      <AlertParameter1>$Data/Context/EventDescription$</AlertParameter1>
    </AlertParameters>
  </AlertSettings>
  <OperationalStates>
    <OperationalState ID="FirstEventRaised" MonitorTypeStateID="FirstEventRaised" HealthState="Warning"/>
    <OperationalState ID="SecondEventRaised" MonitorTypeStateID="SecondEventRaised" HealthState="Success"/>
  </OperationalStates>
  <Configuration>
    <FirstComputerName>$Target/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/NetworkName$</FirstComputerName>
    <FirstLogName>Operations Manager</FirstLogName>
    <FirstExpression>
      <And>
        <Expression>
          <SimpleExpression>
            <ValueExpression>
              <XPathQuery Type="UnsignedInteger">EventDisplayNumber</XPathQuery>
            </ValueExpression>
            <Operator>Equal</Operator>
            <ValueExpression>
              <Value Type="UnsignedInteger">21020</Value>
            </ValueExpression>
          </SimpleExpression>
        </Expression>
        <Expression>
          <SimpleExpression>
            <ValueExpression>
              <XPathQuery Type="String">PublisherName</XPathQuery>
            </ValueExpression>
            <Operator>Equal</Operator>
            <ValueExpression>
              <Value Type="String">OpsMgr Connector</Value>
            </ValueExpression>
          </SimpleExpression>
        </Expression>
      </And>
    </FirstExpression>
    <SecondComputerName>$Target/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/NetworkName$</SecondComputerName>
    <SecondLogName>Operations Manager</SecondLogName>
    <SecondExpression>
      <And>
        <Expression>
          <SimpleExpression>
            <ValueExpression>
              <XPathQuery Type="UnsignedInteger">EventDisplayNumber</XPathQuery>
            </ValueExpression>
            <Operator>Equal</Operator>
            <ValueExpression>
              <Value Type="UnsignedInteger">20053</Value>
            </ValueExpression>
          </SimpleExpression>
        </Expression>
        <Expression>
          <SimpleExpression>
            <ValueExpression>
              <XPathQuery Type="String">PublisherName</XPathQuery>
            </ValueExpression>
            <Operator>Equal</Operator>
            <ValueExpression>
              <Value Type="String">OpsMgr Connector</Value>
            </ValueExpression>
          </SimpleExpression>
        </Expression>
      </And>
    </SecondExpression>
  </Configuration>
</UnitMonitor>
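
Added example (not part of the management pack or of the original page): the two-event logic from the source above, replayed over constructed events to show when the health state flips and that both the event ID and the publisher must match. The Python helper names, the starting state and the sample events are assumptions; the event IDs, publisher name and state mapping are taken from the monitor XML.

```python
import xml.etree.ElementTree as ET

# One <SimpleExpression> in the shape the monitor's <Configuration> uses.
SIMPLE = ('<Expression><SimpleExpression><ValueExpression><XPathQuery Type="{t}">{q}'
          '</XPathQuery></ValueExpression><Operator>Equal</Operator><ValueExpression>'
          '<Value Type="{t}">{v}</Value></ValueExpression></SimpleExpression></Expression>')

def and_block(tag, event_id):
    """Rebuild FirstExpression/SecondExpression: event ID AND publisher name."""
    return "<{0}><And>{1}{2}</And></{0}>".format(
        tag,
        SIMPLE.format(t="UnsignedInteger", q="EventDisplayNumber", v=event_id),
        SIMPLE.format(t="String", q="PublisherName", v="OpsMgr Connector"))

# Expressions only; computer and log name elements are left out of this copy.
CONFIG = ("<Configuration>" + and_block("FirstExpression", 21020)
          + and_block("SecondExpression", 20053) + "</Configuration>")

def matches(node, event):
    """Evaluate an And / Expression / SimpleExpression subtree against one event."""
    if node.tag == "And":
        return all(matches(child, event) for child in node)
    if node.tag == "Expression":
        return matches(node[0], event)
    if node.tag != "SimpleExpression" or node.findtext("Operator") != "Equal":
        raise ValueError("only And and Equal are modelled in this example")
    field = node.findtext("ValueExpression/XPathQuery")
    value = node.find("ValueExpression/Value")
    cast = int if value.get("Type") == "UnsignedInteger" else str
    return field in event and cast(event[field]) == cast(value.text)

def replay(config_xml, events, state="Success"):
    """Return the health state after each event. The starting state is an assumption."""
    root = ET.fromstring(config_xml)
    first, second = root.find("FirstExpression")[0], root.find("SecondExpression")[0]
    timeline = []
    for event in events:
        if matches(first, event):      # FirstEventRaised -> Warning (alert raised)
            state = "Warning"
        elif matches(second, event):   # SecondEventRaised -> Success (auto-resolve)
            state = "Success"
        timeline.append(state)
    return timeline

# Constructed sample events, not taken from a real Operations Manager log.
SAMPLE_EVENTS = [
    {"EventDisplayNumber": 21020, "PublisherName": "OpsMgr Connector"},
    {"EventDisplayNumber": 20053, "PublisherName": "Other Source"},
    {"EventDisplayNumber": 20053, "PublisherName": "OpsMgr Connector"},
]

if __name__ == "__main__":
    print(replay(CONFIG, SAMPLE_EVENTS))
```

The monitor is purely event-driven: it stays in Warning until event 20053 from OpsMgr Connector appears in the Operations Manager log, and it never enters Warning if event 21020 is not logged.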