Raim

Checking expiry dates of SSL certificates

July 3rd, 2010 No comments

Once again I missed the expiry date of one of the SSL certificates on my server. Therefore I am now using a cronjob to warn me early enough that a certificate is about to expire.

This is the script /usr/local/bin/ssl-cert-check which checks the expiry date of the certificate files passed as arguments:

#!/bin/bash

DAYS=30

for file in "$@"; do
    openssl x509 -checkend $(( 86400 * $DAYS )) -in "$file" > /dev/null
    if [ $? != 0 ]; then
        echo "==> Certificate $file is about to expire soon:"
        openssl x509 -enddate -in "$file" -noout
    fi
done

And the corresponding cronjob entry checking SSL certificates once a day:

6       6    * * *   root   /usr/local/bin/ssl-cert-check /etc/apache2/ssl/*.crt /etc/ssl/certs/dovecot.pem

Categories: English, Software Tags: certificate, cronjob, expiry, openssl, ssl, x509

twitter: raimue

OK Go - This Too Shall Pass - Rube Goldberg Machine version: http://t.co/0Hjy7zCs 14 hours ago
Building llvm and clang from trunk: "Compiling ARMDisassembler.cpp for Release+Debug+Asserts build" => clang at 2.84 GB and swapping… 19 hours ago
RT @sixtus: Umsatz der Musikindustrie: € 1,8 Mrd. Umsatz der Bestatterbranche: € 5,3 Mrd. Warum hat so eine Nischenindustrie eine derart ... 20 hours ago
Mac OS X Lion built with CSS3, http://t.co/R065XnDS (via @DerEdy) 23 hours ago
RT @alex_gaynor: Open source can't afford to have crappy code, no one would volunteer to work on it. 2012/02/04

Archive

Checking expiry dates of SSL certificates

Welcome!

Recent Posts

twitter: raimue

Archives

Meta