On 2013-05-23 17:47:13 +0200 (+0200), Hans-Joachim Knobloch wrote:
[...]
> Maybe I would even start a project to develop such a tool. But why start
> coding if there already is a >=80% solution to the problem? Hence my
> request.
[...]
Did this for years with Nagios (formerly Netsaint), using the
On 23.05.2013 17:18, Moritz wrote:
> A generic solution is any kind of scheduler/calendar/reminder, right? Or
> what kind of tool to you imagine,
I imagine a tool that can
- parse X.509 certificates to extract notAfter dates
- read e-mail addresses from subject DN, subjectAltNames etc.
- override
Also be aware of the caveat that if you have a VIP with SSL termination
behind it (i.e. on the hosts) and the CN points to the VIP you will be
hitting only one of the many servers when doing verification. Same story
with geo load balancing.
It gets worse with active-passive deployments since you m
A generic solution is any kind of scheduler/calendar/reminder, right? Or
what kind of tool to you imagine, and how is that specific to "crypto"?
On 23.05.2013 16:05, Hans-Joachim Knobloch wrote:
> Dear all,
>
> is anyone of you aware of a (preferably open source) tool that keeps a
> database of c
Dear Hans-Joachim,
Oddly, there is in fact one, which “suddenly” appeared on my servers and
which is nagging me currently about a soon-to-expire certificate. It
sends out daily mails to root@host.domain with detailed information.
It's called certwatch and is at least shipped with fedora. It can b
Dear all,
is anyone of you aware of a (preferably open source) tool that keeps a
database of certificates and sends e-mail reminders about the impending
expiry (and hence the probable necessity of a renewal) to configurable
e-mail address of the respective responsible person?
Regards,
Hans-Joa
