Certificate chain events

Certificate chain and events found in the audit log and all logs.

Topics

Event fields

Access Gateway audit log certificate events include the following information:

Field

Description

TIMESTAMP

Current system date and time

HOSTNAME

Hostname of node generating event

SUBSYSTEM

The sub system or host that generated the error, such as

  • systemd
  • CERT VERFIER
  • CLIENT_CERT
MESSAGE Free form associated message.
MESSAGE Free form message information about the error

Certificate chain events

Events logged when adding, deleting, or assigning certificate chains. Also events associated with managing certificate chain revocation settings.
See About client certificate validation behavior and Certificate chain operations for more information.

Certificate chain added

Description: The specified certificate chain was added.

Messages:

  • Added a client certificate chain.

Example(s):

  • 2021-03-04T12:08:10.183-06:00 example.myaccessgateway. OAG ADMIN_CONSOLE SERVICES CLIENT_CERT INFO CLIENT_CERT [USER=“oag-mgmt”] Added a client certificate chain
  • 2021-03-04 12:08:10.170 INFO 1101 --- [61-8666-exec-10] c.okta.oag.certverify.CertificateLoader : Importing 'EMAILADDRESS=xxx, CN=YYYY, OU=Engineering, O=Okta, L=San Francisco, ST=CA, C=US’ as certificate authority.
  • Structured data:
    • USER - User performing nomination actions, always oag-mgmt
  • Corrective action :
    • None
  • Certificate chain deleted

    Description: The specified certificate chain was deleted.

    Messages:

    • Deleted client certificate chain ID Identifier.
    • Removed certificate chain ID 'id'

    Example(s):

    • 2021-03-04T12:06:34.145-06:00 example.myaccessgateway.com OAG ADMIN_CONSOLE SERVICES CLIENT_CERT INFO CLIENT_CERT_API [USER=“oag-mgmt”] Deleted client certificate chain ID identifier.
    • 021-03-04 12:06:34.099 INFO 1101 --- [.61-8666-exec-6] o.o.c.r.CertificateConfigurationResource : Removed certificate chain ID ‘6da2489d593711957db25c2d3ba5cf3cec069c2959a8b61609a6b70639029a92’.
  • Structured data:
    • USER - User performing nomination actions, always oag-mgmt
  • Corrective action :
    • None
  • Certificate revocation list settings updated

    Description: Certificate revocation settings updated.

    Messages:

    • CRL config updated.
    • settings updated to refresh every xxx minutes and cache for yyy minutes

    Example(s):

    • 2021-03-04T12:09:00.226-06:00 example.myaccessgateway.com OAG ADMIN_CONSOLE SERVICES CLIENT_CERT INFO CLIENT_CERT_API [USER=“oag-mgmt”] CRL config updated.
    • 2021-03-04T12:09:00.000-06:00 example.myaccessgateway.com CERT VERIFIER CRL settings updated to refresh every 660 minutes and cache for 720 minutes
  • Structured data:
    • USER - User performing nomination actions, always oag-mgmt
  • Corrective action :
    • None
  • System start or stop

    Event issued when the client certificate validation service is started or stopped.

    • Messages:
      Stopped Certificate Validation Service,
      Started Certificate Validation Service,
      Starting (various)
    • Cause: The instance is starting or stopping.
    • Example(s):
      2021-01-20T10:54:58.075-06:00 example.myaccessgateway.com systemd Started Certificate Validation Service.
      2021-01-22T13:10:55.000-06:00 oag.okta.com CERT VERIFIER Starting [Starting(Started) application | certificate loader | service | servlet | Tomcat]
      2021-01-21T11:54:58.075-06:00 example.myaccessgateway.com systemd Stopped Certificate Validation Service.


    Related topics