Service Provider Foundation stored certificate being used to authenticate request has expired.
Detects expired certificates stored in SPF. SPF will post an event when a certificate being used to authenticate has expired.
The following options can be configured on this rule:
Option | Definition | Default |
Enabled | Specifies whether the rule should run. | True |
Alert Priority | Specifies priority level for this rule. | Normal |
Alert Severity | Specifies severity level for this rule. | Warning |
If this monitor is in error, then certificate SPF uses to authenticate has expired. See the Configuration section for details on configuring the monitor.
Check the Authentication Certificate and renew the same.
Target | Microsoft.SystemCenter.SPF.SpfServer | ||
Category | Alert | ||
Enabled | True | ||
Event_ID | 101 | ||
Event Source | Microsoft-ServiceProviderFoundation | ||
Alert Generate | True | ||
Alert Severity | Error | ||
Alert Priority | Normal | ||
Remotable | True | ||
Alert Message |
| ||
Event Log | Microsoft-ServiceProviderFoundation/Admin |
ID | Module Type | TypeId | RunAs |
---|---|---|---|
DS | DataSource | Microsoft.Windows.EventProvider | Default |
Alert | WriteAction | System.Health.GenerateAlert | Default |
<Rule ID="Microsoft.SystemCenter.SPF.Rule.CertificateExpired" Target="Microsoft.SystemCenter.SPF.SpfServer" Enabled="true" ConfirmDelivery="false" Remotable="true" Priority="Normal" DiscardLevel="100">
<Category>Alert</Category>
<DataSources>
<DataSource ID="DS" TypeID="Windows!Microsoft.Windows.EventProvider">
<ComputerName>$Target/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/NetworkName$</ComputerName>
<LogName>Microsoft-ServiceProviderFoundation/Admin</LogName>
<Expression>
<And>
<Expression>
<SimpleExpression>
<ValueExpression>
<XPathQuery Type="UnsignedInteger">EventDisplayNumber</XPathQuery>
</ValueExpression>
<Operator>Equal</Operator>
<ValueExpression>
<Value Type="UnsignedInteger">101</Value>
</ValueExpression>
</SimpleExpression>
</Expression>
<Expression>
<SimpleExpression>
<ValueExpression>
<XPathQuery Type="String">PublisherName</XPathQuery>
</ValueExpression>
<Operator>Equal</Operator>
<ValueExpression>
<Value Type="String">Microsoft-ServiceProviderFoundation</Value>
</ValueExpression>
</SimpleExpression>
</Expression>
</And>
</Expression>
</DataSource>
</DataSources>
<WriteActions>
<WriteAction ID="Alert" TypeID="Health!System.Health.GenerateAlert">
<Priority>1</Priority>
<Severity>2</Severity>
<AlertMessageId>$MPElement[Name="Microsoft.SystemCenter.SPF.Rule.CertificateExpired.AlertMessage"]$</AlertMessageId>
</WriteAction>
</WriteActions>
</Rule>