Checks whether the duration between the expiration date of the SSL certificate and the current date is greater than the specified value. If so, the evaluation result is Compliant.
Scenarios
This rule helps you detect SSL certificates that are about to expire and renew the SSL certificates in a timely manner to prevent service interruptions caused by expired SSL certificates.
Risk level
Default risk level: high.
When you apply this rule, you can change the risk level based on your business requirements.
Compliance evaluation logic
Checks whether the duration between the expiration date of the SSL certificate and the current date is greater than the specified value. If so, the evaluation result is Compliant.
Rule details
Parameter | Description |
Rule Template Name | ssl-certificate-expired-check |
Rule Template Identifier | |
Tag | SSL and Certificate |
Automatic remediation | Not supported |
Invoke Type | Periodic: Every 24 hours |
Supported resource type | ACS::SSLCertificatesService::Certificate |
Input parameter | days. Default value: 30 |