develooper Front page | perl.libwww | Postings from March 2001

Server certificate expiration date

From:
Derek J. Balling
Date:
March 15, 2001 18:07
Subject:
Server certificate expiration date
Message ID:
p05010414b6d7251c3b29@[206.132.89.194]
I'm trying to determine, using LWP, Crypt::SSLeay, or whatever tools I need
to use, what the expiration date of a remote server certificate is.

For example, if I connect to edit.secure.yahoo.com, I'll get back as headers:

HTTP/1.1 200 OK
Cache-Control: private
Connection: close
Date: Fri, 16 Mar 2001 02:05:20 GMT
Pragma: no-cache
Content-Type: text/html
Expires: Thu, 05 Jan 1995 22:00:00 GMT
Client-Date: Fri, 16 Mar 2001 02:05:20 GMT
Client-Peer: 216.115.106.24:443
Client-SSL-Cert-Issuer: /C=US/O=RSA Data Security, Inc./OU=Secure Server
Certifi
cation Authority
Client-SSL-Cert-Subject: /C=US/ST=California/L=Santa
Clara/O=Yahoo/OU=Yahoo/CN=e
dit.yahoo.com
Client-SSL-Cipher: EDH-RSA-DES-CBC3-SHA
Client-SSL-Warning: Peer certificate not verified
Set-Cookie: B=110laastb2t70&b=2; expires=Thu, 15 Apr 2010 20:00:00 GMT; path=/;
domain=.yahoo.com
Title: Welcome to Yahoo!


But there's nothing there that tells me WHEN the certificate expires. Is
that information available somewhere? I'd like to try and scan our secure
servers regularly looking for certificates that are "close to expiration"
to make sure that they don't mistakenly get "un-renewed", but I can't seem
to figure out how to get that information.

Any assistance would be very helpful. Thanks.

D
-- 
+---------------------+-----------------------------------------+
| dredd@megacity.org  | "Conan! What is best in life?"          |
|  Derek J. Balling   | "To crush your enemies, see them        |
|                     |    driven before you, and to hear the   |
|                     |    lamentation of their women!"         |
+---------------------+-----------------------------------------+



nntp.perl.org: Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at ask@perl.org | Group listing | About