Re: [pfSense] Notification about soon-to-expire certificates
This would be useful, I've made a monitoring tool (still unofficial until i figure out how to get it in the proper package repo) here that I might play with and see if I can get an alert setup for this by simply loading the cert page and parsing the expire date. http://www.reddit.com/r/PFSENSE/comments/2x7gni/monitoring_pfsense_with_monitmmonit/ Jim On Fri, Jun 19, 2015 at 7:38 AM, Steve Yates st...@teamits.com wrote: Philipp Tölke wrote on Thu, Jun 18 2015 at 9:19 am: Is there a way for pfSense to warn us by email if a certificate will expire soon so that we can replace them before it's too late? Our ticketing software tracks items like that and creates a ticket for renewal. Perhaps a recurring appointment in Outlook? -- Steve Yates ITS, Inc. ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
Re: [pfSense] Notification about soon-to-expire certificates
The application on the nagios server would make a web request to the https port and would check the exp date when it connected. I suppose you could use the openssl client to connect to the VPN service if it uses a different cert with a different date. Walter On Fri, Jun 19, 2015 at 1:17 AM, Philipp Tölke pt+pfse...@fos4x.de wrote: Hi Walter, thanks for your answer! On 19.06.2015 01:24, Walter Parker wrote: If your network is large enough to have a monitoring package (like Nagios), some of them support certificate checking. Can nagios access the certificates on the pfSense or would I have to upload all interesting certificates? Regards, -- Philipp Tölke ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold -- The greatest dangers to liberty lurk in insidious encroachment by men of zeal, well-meaning but without understanding. -- Justice Louis D. Brandeis ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
[pfSense] Notification about soon-to-expire certificates
Hi all, we use incoming OpenVPN to access some external installations. Some of those installations are in rather hard to reach places. Is there a way for pfSense to warn us by email if a certificate will expire soon so that we can replace them before it's too late? Cheers, -- Philipp Tölke ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold