keep track of SSL cert expiration?
This is a discussion on keep track of SSL cert expiration? within the Linux Web Servers forums, part of the Web Server and Related Forums category; Hello, We have a bunch of SSL certificates that are used on various web servers (Apache, IIS). Right now we ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
08-11-2005
|
|||
|
|||
keep track of SSL cert expiration?
Hello,
We have a bunch of SSL certificates that are used on various web servers (Apache, IIS). Right now we just list them on some internal web page and go through them on a regular basis to see which ones will expire soon. Just curious if there are any tools that can help keep track of certificates status? Thanks in advance for sharing your experience, providing any pointers, etc. Bing |
|
08-11-2005
|
|||
|
|||
|
Re: keep track of SSL cert expiration?
dubing@gmail.com said:
>We have a bunch of SSL certificates that are used on various web >servers (Apache, IIS). Right now we just list them on some internal >web page and go through them on a regular basis to see which ones will >expire soon. Just curious if there are any tools that can help keep >track of certificates status? I once hacked together something like this based on output of openssl s_client -showcerts -connect server:port < /dev/null | openssl x509 -noout -startdate -enddate -subject -- Wolf a.k.a. Juha Laiho Espoo, Finland (GC 3.0) GIT d- s+: a C++ ULSH++++$ P++@ L+++ E- W+$@ N++ !K w !O !M V PS(+) PE Y+ PGP(+) t- 5 !X R !tv b+ !DI D G e+ h---- r+++ y++++ "...cancel my subscription to the resurrection!" (Jim Morrison) |
|
08-12-2005
|
|||
|
|||
|
Re: keep track of SSL cert expiration?
On Thu, 11 Aug 2005 07:46:12 -0700, dubing wrote:
> We have a bunch of SSL certificates that are used on various web > servers (Apache, IIS). Right now we just list them on some internal > web page and go through them on a regular basis to see which ones will > expire soon. Just curious if there are any tools that can help keep > track of certificates status? > CentOS 4 (based on RHEL) has a prog called "certwatch" - but I haven't used it - man page looks like this: NAME certwatch - generate SSL certificate expiry warnings SYNOPSIS certwatch [-q] filename DESCRIPTION The certwatch program is used to issue warning mail when an SSL cer- tificate is about to expire. .... -- Dave Abbott, UNIX SysAdmin | Department of Computer Science | http://www.dcs.shef.ac.uk/ The University of Sheffield | |
Linear Mode
