The latest version of the crypto-utils package in Raw Hide includes certwatch(1), which can be used to check whether an X.509 certificate has expired or is about to expire, and issue warning messages as necessary.
It's implemented in /etc/cron.daily/certwatch to, by default, check all certificates configured in the mod_ssl configuration, but this can be extended to any other services which use SSL certificates.
Regards,
joe
--On Friday, September 17, 2004 2:51 PM +0100 Joe Orton jorton@redhat.com wrote:
It's implemented in /etc/cron.daily/certwatch to, by default, check all certificates configured in the mod_ssl configuration, but this can be extended to any other services which use SSL certificates.
Great! How about also pointing it at:
/etc/httpd/conf Apache /etc/ipsec.d OpenSwan
Any other apps that keep certs in their own directories? I know ntop has one in /etc/ntop but ntop is not yet in Fedora.