R
Roy Johnson
Ok, one posting eaten. Trying again:
My task is to check the expiration dates of security certificates, so
we'll know when we need to renew them. I'm not terribly SSL savvy, but
this should be really basic, right?
Web searches pointed me to Net::SSLeay, which I'm wading through
without getting a great understanding of what's important. I've built
some code by example, and would appreciate some input from those with
expertise, regarding:
- am I using the right module?
- am I using it appropriately (or, more likely, how far off-track am
I)?
Code:
use strict;
use warnings;
use Net::SSLeay qw(die_now die_if_ssl_error);
Net::SSLeay::load_error_strings();
Net::SSLeay::SSLeay_add_ssl_algorithms(); # Important!
Net::SSLeay::randomize();
my $cert_path = '/path/to/cert.pem';
my $key_path = '/path/to/notacakeynopass.pem';
my $ctx = Net::SSLeay::new_x_ctx() or die("Failed to create CTX $!");
Net::SSLeay::set_cert_and_key($ctx, $cert_path, $key_path);
my $ssl = Net::SSLeay::new($ctx) or die("Failed to create SSL $!");
my $cert = Net::SSLeay::dump_peer_certificate($ssl);
## Presumably, the expiration will be in here somewhere
print "Cert is ", length($cert), "bytes\n";
print $cert, "\n";
My task is to check the expiration dates of security certificates, so
we'll know when we need to renew them. I'm not terribly SSL savvy, but
this should be really basic, right?
Web searches pointed me to Net::SSLeay, which I'm wading through
without getting a great understanding of what's important. I've built
some code by example, and would appreciate some input from those with
expertise, regarding:
- am I using the right module?
- am I using it appropriately (or, more likely, how far off-track am
I)?
Code:
use strict;
use warnings;
use Net::SSLeay qw(die_now die_if_ssl_error);
Net::SSLeay::load_error_strings();
Net::SSLeay::SSLeay_add_ssl_algorithms(); # Important!
Net::SSLeay::randomize();
my $cert_path = '/path/to/cert.pem';
my $key_path = '/path/to/notacakeynopass.pem';
my $ctx = Net::SSLeay::new_x_ctx() or die("Failed to create CTX $!");
Net::SSLeay::set_cert_and_key($ctx, $cert_path, $key_path);
my $ssl = Net::SSLeay::new($ctx) or die("Failed to create SSL $!");
my $cert = Net::SSLeay::dump_peer_certificate($ssl);
## Presumably, the expiration will be in here somewhere
print "Cert is ", length($cert), "bytes\n";
print $cert, "\n";