AppDynamics Extension for SSL Certificate - Monitoring

Use Case

An AppDynamics extension that monitors the SSL certificates for configurable domains and should be used with a stand alone Java Machine Agent.

Metrics Provided



  1. Before the extension is installed, the prerequisites mentioned here need to be met. Please do not proceed with the extension installation if the specified prerequisites are not met.
  2. Please make sure that the machine has OpenSSL installed. Windows users can download it from There is a bug in the windows openssl where in the command execution hangs. Please download Cygwin's openssl on Windows.


  1. You can download the
  2. Unzip as "SslCertificateMonitor" and copy the "SslCertificateMonitor" directory to<MACHINE_AGENT_HOME>/monitors.
  3. Configure the extension by referring to the below section.


Note : Please make sure to not use tab (\t) while editing yaml files. You may want to validate the yaml file using a yaml validator


1. Edit the file config.yml located at <MachineAgent_Dir>/monitors/SslCertificateMonitor The metricPrefix of the extension has to be configured as specified here. Please make sure that the right metricPrefix is chosen based on your machine agent deployment, otherwise this could lead to metrics not being visible in the controller.

2. Configure the domains in config.yml file.

        #This will create this metric in all the tiers, under this path
        metricPrefix:  "Custom Metrics|SslCertificate"

        #This will create it in specific Tier. Replace 
        #metricPrefix: Server|Component:|Custom Metrics|SslCertificate

          - domain: ""
            port: 443
            displayName: "Google"

          - domain: ""
            port: 443
            displayName: "eBay"

          - domain: ""
            port: 443
            displayName: "amazon"

        # Point to .sh for unix based and .bat for windows.
        # Incase if you are using Cygwin's openssl, please make sure to change the openssl.bat to point to Cygwin's openssl.
        # For eg. echo | C:\Cygwin64\bin\openssl s_client -connect %1:%2 2> null | C:\Cygwin64\bin\openssl x509 -noout -enddate
        cmdFile: "monitors/SslCertificateMonitor/cmd/"
        #cmdFile: "monitors\\SslCertificateMonitor\\cmd\\openssl.bat"

        #### Configurations below this need not be changed.###
        # number of concurrent tasks
        numberOfThreads: 10

        #timeout for the thread
        threadTimeout: 5

  3. Configure the path to the config.yml file by editing the in the monitor.xml file in the<MACHINE_AGENT_HOME>/monitors/SslCertificateMonitor/ directory. You can also change the frequency at which the MachineAgent calls the extension by changing the <execution-frequency-in-seconds> in monitor.xml. 

 4. If needed, configure the openssl command in the cmdFile pointed by config.yml.

Custom Dashboard



  1. Please look at the troubleshooting document and make sure that everything is followed correctly.
  2. Verify Machine Agent Data: Please start the Machine Agent without the extension and make sure that it reports data. Verify that the machine agent status is UP and it is reporting Hardware Metrics.
  3. config.yaml: Validate the file here.
  4. The config cannot be null : This usually happens when on a windows machine in monitor.xml you give config.yaml file path with linux file path separator `/`. Use Windows file path separator `\` e.g. `monitors\MQMonitor\config.yaml`. On Windows, please specify absolute file path.
  5. Metric Limit: Please start the machine agent with the argument -Dappdynamics.agent.maxMetrics=5000 if there is a metric limit reached error in the logs. If you don't see the expected metrics, this could be the cause.
  6. Debug Logs: Edit the file, /conf/logging/log4j.xml and update the level of the appender com.appdynamics to debug . Let it run for 5-10 minutes and attach the logs to a support ticket


Always feel free to fork and contribute any changes directly via GitHub.


Find out more in the AppDynamics Exchange.


For any questions or feature request, please contact



Agent Compatibility:


Controller Compatibility:


Last Update: