Customer is aware certs will be expiring, but prefers to update them at the 30 day expiration, resulting in 60 days of annoyance to every admin.

Need some method to exist for the administrator to acknowledge or reconfigure the alert once they were told about it and prior to actually updating the certs.

Comments

  • This is especially annoying with a large number of LDAP servers (e.g. large number of branches with local fallback LDAP servers configured). A customer for example has configured 28 ldap servers, so with a 2 year certificate cycle there is always one with a near to EOL certificate. The consequence is, that most of the admins click away the zcc popup afer logging in without reading it anymore...

  • I'd like to see something similar. The tier 1 help desk staff don't need to see this, so once a network administrator acknowledges it, it would be nice to be able to drop it to a 60- or 30-day warning - just in case it doesn't get dealt with before then. A nice touch would be for the warning to reset to 90 days automatically once the cert is updated. If it gets as close as 14 days, the constant warning is probably a good idea!

  • Please please add such a behaviour to avoid LDAP frustration. It should either be configurable (iin a conf file) or the warning should appear less than 30 days before expiration of the certificate. 90 days is useless and frustrating.