Checking when a SSL/TLS certificate for an email server expires

Check if the SSL/TLS certificate for SMTP email has expired on the local server

echo ‘”‘ | openssl s_client -connect localhost:25 -starttls smtp > /var/tmp/jik

depth=0 /C=GB/ST=Hampshire/L=Farnborough/O=Tuqix/CN=mail.tuqix.org
verify error:num=18:self signed certificate
verify return:1
depth=0 /C=GB/ST=Hampshire/L=Farnborough/O=Tuqix/CN=mail.tuqix.org
verify error:num=10:certificate has expired
notAfter=Feb  9 16:03:39 2010 GMT
verify return:1
depth=0 /C=GB/ST=Hampshire/L=Farnborough/O=Tuqix/CN=mail.tuqix.org
notAfter=Feb  9 16:03:39 2010 GMT
verify return:1
250 DSN
DONE
–  As you can see it has! After making a new one with genken –days 1825 mail.tuqix.org  and restarting dovecot ; service dovecot restart:-
-bash-3.2# echo ‘”‘ | openssl s_client -connect localhost:25 -starttls smtp > /var/tmp/jik
depth=0 /C=GB/ST=Hampshire/L=Farnborough/O=Tuqix/CN=mail.tuqix.org
verify error:num=18:self signed certificate
verify return:1
depth=0 /C=GB/ST=Hampshire/L=Farnborough/O=Tuqix/CN=mail.tuqix.org
verify return:1
250 DSN

Leave a Reply

Your email address will not be published. Required fields are marked *