OK, last night I had the embarrassment of by my boss discovering that I did not renew the SSL certificate of a web site we run before the expiration date. But, more than the embarrassment, I felt stupid for not setting up a way to monitor the SSL certificates of our web sites and having a facility that would hammer me as the certificate expiration day get closer.
After bit of research, I found that I could have run openssl command below via a cron from anywhere in my network and monitor it:
openssl s_client -connect hostname:443 < /dev/null 2>&1 | openssl x509 -noout -enddate
Oh, well.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment