Identity certificate expiration alarms

Last Updated : Jun 14, 2021 |

All certificates have a limited valid lifetime. For identity certificates that are signed by the System Manager root CA, the lifetime is two years after they were first installed. Session Manager automatically renews these identity certificates 30 days before they expire. For identity certificates signed by a third party CA, the PKI administrator must replace or renew them prior to expiration.

Automically renewed System Manager certificates

An alarm warns you when an identity certificate signed by the System Manager root CA is about to expire. 60 days before the identity certificate expires, the OP_MMTC20048 alarm is displayed.

When the identity certificate is automatically renewed, the OP_TMAG20500 alarm is displayed. When you see this alarm, reboot the cluster for the server to pick up the updated certificate. When the reboot is complete, the OP_TMAG20501 alarm is displayed.

Third party identity certificates

Avaya Breeze® platform notifies you of certificate expiration by generating alarms. The following alarms are generated when a third party identity certificate is about to expire:

  • Critical alarm (OP_MMTC20050) if the certificate expires in less than 15 days

  • Major alarm (OP_MMTC20049) if the certificate expires between 15 and 29 days

  • Warning alarm (OP_MMTC20048) if the certificate expires between 30 and 60 days

For more information about alarms and the expiration process, see Maintaining and Troubleshooting Avaya Breeze® platform.

Related information
Certificate management
Rebooting a cluster