Certificates control secure SSL communication between the DLP Network components - Network Controller, Sensors, Interceptors, and ICAP Servers. A certificate is valid for 730 days and then expires or becomes invalid. This article explain the steps to check the certificate detail of a DLP Network components for certificate expiry.
These other types of changes on a DLP Network components will also invalidate a certificate:
Resetting the time on any DLP Network components so that its current time shifts out of the range of the certificate start and stop dates.
Erasure, removal, or regeneration of the private key on any DLP Network components.
Resetting the Network Controller or regenerating or removing its certificates.
To avoid breaking communications among DLP Network components due to invalid certificates, you can regenerate and distribute updated certificates before they expire. You can regenerate a certificate for a single DLP Network components, for the Network Controller, and for all deployed DLP Network components. Refer to DLP 9.6 maintenance guide for instruction on regenerate DLP Network components certificate.
Log on to the Network device as tablus user
From the tabmenu Exit to the shell window by selection option 6) Advanced
Then select option 1) Exit to Shell from the tabmenu.
Type the following command to display the certificate information (e.g.creation date, expiration date, etc,,)