Environment
- App Control Server: 8.0.0 - 8.8.0
Symptoms
- New certificates not found under Assets > Certificates
- Delay in certificates appearing under Assets > Certificates
- New Publishers not found under Rules > Software Rules > Publishers tab
- Delay in Publishers appearing under Rules > Software Rules > Publishers tab
- Last Validation Date for the certificate is more than a week old
Cause
The logic of the "GetNextCertificateBatchToValidate" stored procedure is not setup to process certificates in order based on their next validation time, so reprocessing of failed certs its taking priority.
Resolution
The resolution to this was included in the release of Server version 8.8.2 and can be resolved by
upgrading to the latest version.:
- EP-8346: Certificate validation is now ordered to consider certificates that are yet to be validated and with the next validation time stamp.
Additional Notes
- Query to see pending certificates:
use das;
SELECT c.cert_id, c.next_validation_time
FROM dbo.certificates c WITH(NOLOCK)
INNER JOIN dbo.certificate_binary b WITH(NOLOCK) ON c.cert_id = b.cert_id
WHERE c.next_validation_time < DATEADD(hh, -1, GETUTCDATE());
