On 11 September 2017 at 19:25, Viktor Dukhovni <postfix-us...@dukhovni.org> wrote:
> > > On Sep 11, 2017, at 5:21 AM, Dominic Raferd <domi...@timedicer.co.uk> > wrote: > > > > Does anyone know a way to detect if the certificate currently being used > by Postfix and/or Dovecot is nearing expiry (esp. in case they haven't > picked up the updated letsencrypt certificate)? > > See below for OpenSSL 1.0.2 or later. > .. > > > #! /bin/bash > ... > Thanks Viktor I am sure I will find this helpful and I love your elegant bash coding. Can I ask a couple of dump questions? - what do I specify for the CAfile? - does this check against the certificates being offered both by Postfix and Dovecot (which I use for SASL) or just one of them and if so which one?