On 9/13/06, Daniel Stenberg <daniel_at_haxx.se> wrote:
>
> On Wed, 13 Sep 2006, Marian Cerny wrote:
>
> > when CURLOPT_SSL_VERIFYPEER is set to 0, then validity period of
> > certificates is not checked too?
>
> Actually, looking at the code I'm not immediately sure how the period
> validation is done, if at all.
>
> I'd be interested to learn as well once you find out!

I'm doing cert expiry checks the hard way - grab the page with the verbose
option, grep out the "expiry date" line, convert the date to seconds using
the 'date' command, subtract today's date in seconds, divide by 86400 to get
days, if the result is less than 14 send a warning, if less than 7 send an
alert. Bourne shell all the way...

Yeah, it could be more efficient, but it only runs once per day, for about 5
minutes, so it's not much of a resource hog... :)

If anyone wants a copy, I can strip it down the essentials

Ralph Mitchell
Received on 2006-09-13