Certificate Authority Monitoring
The two types of monitoring which Keyfactor Command offers for certificate authorities are configured on the Alert Recipients tab of the Certificate Authorities page at Locations > Certificate Authorities. Monitoring is not supported for CAs accessed with the Keyfactor Windows Orchestrator
The Windows Orchestrator, one of Keyfactor's suite of orchestrators, is used to manage synchronization of certificate authorities in remote forests, run SSL discovery and management tasks, and interact with Windows servers as well as F5 devices, NetScaler devices, Amazon Web Services (AWS) resources, and FTP capable devices, for certificate management. In addition, the AnyAgent capability of the Windows Orchestrator allows it to be extended to create custom certificate store types and management capabilities regardless of source platform or location. or Keyfactor Universal Orchestrator The Keyfactor Universal Orchestrator, one of Keyfactor's suite of orchestrators, is used to interact with Windows servers (a.k.a. IIS certificate stores) and FTP capable devices for certificate management, run SSL discovery and management tasks, and manage synchronization of certificate authorities in remote forests. With the addition of custom extensions, it can run custom jobs to provide certificate management capabilities on a variety of platforms and devices (e.g. F5 devices, NetScaler devices, Amazon Web Services (AWS) resources) and execute tasks outside the standard list of certificate management functions. It runs on either Windows or Linux..
Certificate Authority Health Monitoring
Enable certificate authority A certificate authority (CA) is an entity that issues digital certificates. Within Keyfactor Command, a CA may be a Microsoft CA or a Keyfactor gateway to a cloud-based or remote CA. health monitoring to receive email alerts when one or more of your CAs is not responding. Only CAs configured for synchronization will be monitored for health. To enable health monitoring, configure one or more recipients to receive the email messages and configure a health check schedule. You can choose to schedule the health checks either for daily at a specified time or at intervals of anywhere from every one minute to every 12 hours.
Certificate Authority Threshold Alerts
Enable threshold alerting to receive email alerts when a CA A certificate authority (CA) is an entity that issues digital certificates. Within Keyfactor Command, a CA may be a Microsoft CA or a Keyfactor gateway to a cloud-based or remote CA. issues more or fewer certificates or experiences more failures or denials than configured for monitoring on the CA (see Advanced Tab). Setting threshold monitoring is a two-step process:
- Configure monitoring on the advanced tab (see links above) for each CA.
- Set the email recipients for the alerts on the alert recipients tab of the certificate authorities page.
Figure 209: Certificate Authority Monitoring Recipients
