You can loop through keytool extracting each cert, then pass that to the STDIN of:
This will exit 0 if it is not going to expire within the next $seconds and exit 1 if it will.
Hi ..
I want to check the date for one file which is present on the remote machine.
How do i do that??
Also if i'm only having the sudo rights .. can i do that with my login or do i need all the access rights??
Please let me know asap. (3 Replies)
Hi all
I am using IBM machines with tape drive, what i do is go to informis and i insert the tape and run the command "ontape -s -L " and the level of backup that i want to take. Now what i want to check is which days are the backup being run, does the system create a log and stores info where... (0 Replies)
Does anyone know how to extract the expiration date of a Solaris 9 certificate? I have searched over the 'net and it seems this command ssl-cert-check comes up often but this does not work on my servers. Not sure how to extraxt the expiration dates of the SSL Certs so if anyone can help that would... (2 Replies)
Hi All,
Warm New Year Wishes to every one
I am New to UNIX and i don't have much Experience on UNIX Scripting, so can someone help me out on below Request
I have Digital certificates that are being used in My current project. All these Certificates are of Extensions (.cert and .pfx)... (1 Reply)
Hi All, I have certificates that are being used in my current Project and all the Certificates are of extension ( .pfx - Identities , .cert - trusted certificates etc). All these certificates will expire in some other time. Can someone help me out in providing a script that is used to check the... (0 Replies)
Hi Guys,
I am new to HP-UX and want to find expiration date of particular user please also note i don't have root access on that server.
for e.g.
i have user abc on my HP box and want to know when its password going to expire and also when its password changed last time.
I also try to... (7 Replies)
i am reading line by line from a file as below
while IFS= read -r var
do
...
...
...
done < "hello.txt"
I added the keytool command in the do while loop as below.
while IFS= read -r var
do
...
keytool -genkey -alias $fname -keyalg RSA -keystore $fname.jks -keysize 2048
...
done... (3 Replies)
I first generated jks using
keytool -genkey -alias keyAlias-keyalg RSA -keypass changeit -storepass changeit keystore keystore.jksThen i generated the csr using
keytool -certreq -alias $addr -sigalg SHA256withRSA -keystore $addr.jks -file $addr.csr Below is how i self sign and generate the... (0 Replies)
Discussion started by: mohtashims
0 Replies
LEARN ABOUT CENTOS
certwatch
CERTWATCH(1) Cryptography Utilities CERTWATCH(1)NAME
certwatch - generate SSL certificate expiry warnings
SYNOPSIS
certwatch [OPTION...] filename
DESCRIPTION
The certwatch program is used to issue warning mail when an SSL certificate is about to expire.
The program has two modes of operation: normal mode and quiet mode. In normal mode, the certificate given by the filename argument is
examined, and a warning email is issued to standard output if the certificate is outside its validity period, or approaching expiry. If the
certificate cannot be found, or any errors occur whilst parsing the certificate, the certificate is ignored and no output is produced. In
quiet mode, no output is given, but the exit status can still be used.
The certificate can be specified by its nickname or by a path to the containing file.
OPTIONS --quiet, -q
Enable quiet mode; no output is produced whether the certificate is expired or not
--period days, -p days
Specify the number of days within which an expiry warning will be produced; default is 30. Expiry warnings are always produced if, on
the day of invocation, the certificate is not yet valid, has already expired, or is due to expire either that day or the following day.
--address address, -a address
Specify the address used in the To field of the warning e-mail issued if quiet mode is not enabled. The default is root.
--directory cert-directory, -d cert-directory
Specify the database directory containing the certificate and key database files. The default is yet to be determined.
DIAGNOSTICS
The exit code indicates the state of the certificate:
0
The certificate is outside its validity period, or approaching expiry
1
The certificate is inside its validity period, or could not be parsed
NOTES
The certwatch program is run daily by crond from the file /etc/cron.daily/certwatch to generate warning mail concerning the imminent expiry
of SSL certificates configured for use in the Apache HTTP server. These warnings can be disabled by adding the line: NOCERTWATCH=yes to the
file /etc/sysconfig/httpd. Additional options to pass to certwatch can be specified in that file in the CERTWATCH_OPTS environment
variable.
FILES
/etc/cron.daily/certwatch, /etc/sysconfig/httpd
SEE ALSO genkey(1)crypto-utils 2.4.1 9 June 2014 CERTWATCH(1)