markpalinux
asked on
Monitor certificate renewal
In our domain we have a Windows 2003 SP2 Enterprise Certificate Server, our domain controllers have a policy so that the auto renew a certificate from the certificate server. We have an application that uses secure LDAP (ldap/ssl) to communicate with these domain controllers, so we need to reboot the servers after the 30 day befor expiration window in which they get the new SSL and before the old one expires. What is a good way to monitor when they get a new certificate, is there an event log entry or something we can monitor?
Logon to your Win2k3 certificate server, and run the Certification Authority console, there you should see the certificate server, under there when you click on the "issued certificates", you should see all the info as to when the certificate was issued etc.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I have used this bash script under cygwin , but never saw that script you posted to before.
http://prefetch.net/code/ssl-cert-check
# Program: SSL Certificate Check <ssl-cert-check>
# Source code home: http://prefetch.net/code/ssl-cert-check
# Author: Matty < matty91 at gmail dot com >
Thanks for you help.
ASKER
Thanks for pointing out that script to me.