Of course, You can manually check all certificates for example in transaction STRUSTSSO2. However, this is very annoying, especially if you have a lot of certificates. The better solution is report: SSF_ALERT_CERTEXPIRE.
Run transaction: SA38 and enter program: SSF_ALERT_CERTEXPIRE
Number of Days Until Expiry specifies the number of days for which a certificate must still be valid before warnings are generated. The default value is 30.
If you don’t change anything and immediately ran the program (number 1 on the above screen) then on the output list You’ll see the overview of installed certificates in Your system.
You can scroll down and check all Your certificates. If any certificate expires in the next 30 days it will be marked in red.
On the above screen under numbers 2 and 3, I marked two special functions that may be useful to You, i.e. “Test Warning” and “Lock AutoABAP”. First function You can use test the various methods of creating warnings without requiring the corresponding certificates to exist with only a short validity period. The second function deactivates the execution of AutoABAP report SSFALRTEXP. The system will not create the system message anymore, this may cause the certificate to get expired in system without extending its validity in time.
Shortly – the second function (“Lock AutoABAP”) deactivates the system message “Validity of certificate from list with PSE type >XXX< ends in Y days” during logon to ABAP system.