At the beginning of February, Lets Encrypt sent out an email saying they were no longer sending emails prior to certificate expiration. That means I'm going to have to track my own certificate expiration dates.
As an example command line to get things started:
</dev/null openssl s_client -connect ounl.bm:443 -servername www.ounl.bm | \ openssl x509 -text -noout | grep 'Not After'
- </dev/null - send an empty connection (otherwise the client will not disconnect)
- -text - expands the content of the certificate
- -noout - does not show the encoded certificate
Some other links if I want to do this programmatically:
- cseelye/ssl.cpp - git gist to extract contents, notably a way to extract the expiry date/time
- RaymiiOrg/openssl-modern-cpp - Modern C++ OpenSSL examples
- libs/beast/example/websocket/server/coro-ssl/websocket_server_coro_ssl.cpp - maybe this beast example has the basics of acquiring the certificate, then the other code snippets can be used to decode it
- Boost ASIO SSL - this is probably an easier way to acquire a certificate and then use the other code segments to decode it
