User session is opened every minute for every ssl-enabled virtual server

OS: CentOS 7

I know that it is intentional to check for expired certs. This is set up to happen once every 5 minutes, and that’s how it worked until yesterday.
Since yesterday I've been getting this in my var/log/secure:
su: pam_unix(su:session): session opened for user {USER} by (uid=0)

5 times every 5 minutes
No new crons exist, I believe this is run by but why the x5?

