search
Home

Auto-Tidy Disabled

Take the necessary steps to ensure that vHSM’s auto-tidy functionality is enabled, allowing for efficient and regular cleanup of revoked certificates, expired certificate data, and related resources.

This health check ensures that vHSM’s auto-tidy functionality is enabled with appropriate settings to clean up revoked certificates, expired cert data, and related resources regularly and efficiently.

hashtag
Health Check Name: enable_auto_tidy

hashtag
Accessed APIs

Method
Endpoint
Description

READ

/config/auto-tidy

Retrieves the auto-tidy configuration.

hashtag
Configuration Parameters

Parameter
Default Value
Description

interval_duration_critical

7d

Maximum interval duration allowed before marking status as Critical.

interval_duration_warning

2d

Maximum interval duration allowed before marking status as Warning.

pause_duration_critical

1s

Maximum pause duration allowed before marking status as Critical.

pause_duration_warning

200ms

Maximum pause duration allowed before marking status as Warning.

hashtag
Health Check Description

This health check verifies:

  • Whether auto-tidy is enabled.

  • Whether interval_duration and pause_duration are set within best-practice thresholds.

Health Check results

Status Outcome
Description

Informational

Auto-tidy is disabled. This is a best practice recommendation but not mandatory.

Warning / Critical

interval_duration or pause_duration values exceed the defined thresholds, potentially impacting performance or certificate lifecycle management.

hashtag
Recommended Actions

To remediate warnings or critical statuses and enable optimal certificate lifecycle management:

circle-info

Note: Replace <mount> with your actual secrets engine mount path.

Enable Auto-Tidy with Recommended Defaults

PreviousAllow If-Modified-Since RequestsNextTidy Hasn't Run

Last updated

Was this helpful?