No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

HUAWEI CLOUD Stack 6.5.0 Alarm and Event Reference 04

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
ALM-100000 Certificate Is About to Expire

ALM-100000 Certificate Is About to Expire

Alarm Description

This alarm is generated when MODriverMgmt detects that the certificate of an interconnected system is about to expire. The service checks the certificate expiration time every 24 hours.

Alarm Attribute

Alarm ID

Alarm Severity

Alarm Type

100000

Major/Minor/Warning

Time domain violation

NOTE:
  • If the certificate validity period is less than 3 days, the alarm severity is major.
  • If the certificate validity period is less than 7 days, the alarm severity is minor.
  • If the certificate validity period is less than 30 days, the alarm severity is warning.

Alarm Parameters

Name

Description

certType

Indicates the certificate type. The value can be:

  • Trust certificate
  • Identity certificate
  • Revoked certificate

issuedBy

Indicates the organization that issues the certificate.

issuedTo

Indicates the organization that the certificate is issued to.

Impact on System

The certificate-dependent interconnection will fail and services of related systems cannot be provisioned.

Possible Causes

The certificate will expire.

Handling Procedure

  1. In the Alarm Details area, view and record information about the certificate that is about to expire in the Location Info field.

    1. Log in to ManageOne Maintenance Portal using a browser.

      URL: https://Address for accessing the homepage of ManageOne Maintenance Portal:31943, for example, https://oc.type.com:31943

      Default account: admin; default password: Huawei12#$

    2. Choose Alarms > Current Alarms from the main menu.
    3. Locate the row that contains the target alarm, and click to view the alarm details.
      NOTE:

      The color of Severity may vary depending on the alarm severity.

    4. In the Location Info field, view and record the values of certType, issuedBy, issuedTo, and validToTime.

  2. Perform the following operations according to the certificate type.

    Certificate Type

    Operation

    Identity certificate

    1. Choose System > Platform Configuration > System Access from the main menu.
    2. In the navigation pane, choose Certificate Management > Identity Certificates.
    3. In the identity certificate list, query the identify certificate according to the about-to-expire certificate information recorded in 1.d.
      NOTE:

      The values of Issued By, Issued To, and Valid To in the identity certificate list are analogous to the values of issuedBy, issuedTo, and validToTime in the Location Info field, respectively.

    4. Click in the row that contains the identify certificate. In the displayed High Risk dialog box, select I understand the risk of this operation. and click OK.
    5. Contact O&M personnel to obtain a valid identity certificate, and record Certificate type and Keystone Password of the certificate.
    6. Click Upload.
    7. In the Certificate type drop-down list, choose the type of the identity certificate to be uploaded.
    8. Enter the Keystone password.
    9. Click . In the displayed dialog box, select the identity certificate to be uploaded and click Open.
    10. Click Submit. In the displayed High Risk dialog box, select the I understand the risk of this operation. check box and click OK.

    Trust certificate

    1. Choose System > Platform Configuration > System Access from the main menu.
    2. In the navigation pane, choose Certificate Management > Trust Certificates.
    3. In the trust certificate list, query the trust certificate according to the about-to-expire certificate information recorded in 1.d.
      NOTE:

      The values of Issued By, Issued To, and Valid To in the trust certificate list are analogous to the values of issuedBy, issuedTo, and validToTime in the Location Info field, respectively.

    4. Click in the row that contains the trust certificate. In the displayed High Risk dialog box, select I understand the risk of this operation. and click OK.
    5. Update the certificate.
      • Manual update
      1. Contact O&M personnel to obtain a valid trust certificate.
      2. Click Upload.
      3. Click . In the displayed dialog box, select the trust certificate to be uploaded and click Open.
      4. Click Submit.
      5. In the navigation pane, choose Access Management.
      6. On the displayed Access Management page, click the System Type tab.
      7. Click the interconnected system card involved in the certificate and check whether is displayed in the Connection Status column corresponding to the certificate system name. If not, contact technical support for assistance.
      • Automatic update: Only the certificate whose Comment is Automatically imported certificate is supported, and the certificate has been updated on the peer system.
      1. Choose System > Platform Configuration > System Access from the main menu.
      2. On the displayed Access Management page, click the System Type tab.
      3. Click the interconnected system card involved in the certificate, and click in the Operation column corresponding to the System Name of the certificate. If the Connectivity test successful. dialog box is displayed, click OK. Otherwise, contact technical support for assistance.

    Revoked certificate

    1. Choose System > Platform Configuration > System Access from the main menu.
    2. In the navigation pane, choose Certificate Management > Revoked Certificates.
    3. In the revoked certificate list, query the revoked certificate according to the about-to-expire certificate information recorded in 1.d.
      NOTE:

      The values of Issued By and Next Update Time in the revoked certificate list are analogous to the values of issuedBy and validToTime in the Location Info field, respectively.

    4. Click in the row that contains the revoked certificate. In the displayed High Risk dialog box, select I understand the risk of this operation. and click OK.
    5. Contact O&M personnel to obtain a valid revoked certificate.
    6. Click Upload.
    7. Click . In the displayed dialog box, select the revoked certificate to be uploaded and click Open.
    8. Click Submit.

Alarm Clearance

After the fault is rectified, the system will automatically clear the alarm. Manual clearing is not required.

Related Information

None

Translation
Download
Updated: 2019-08-30

Document ID: EDOC1100062365

Views: 34991

Downloads: 31

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next