Welcome to the most active Linux Forum on the web.
Go Back > Forums > Linux Forums > Linux - Software
User Name
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.


  Search this Thread
Old 06-13-2008, 03:47 PM   #1
LQ Newbie
Registered: Jun 2008
Distribution: Primarily Ubuntu
Posts: 2

Rep: Reputation: 0
Detecting Revoked SSL Certificate

I am presently using the application ssl-cert-check ( to detect if any of my Apache SSL certificates are expired. I have it set up as a cron job to check the SSL certificates on a list of web sites.

This script will only let me know if if my certificate is expired. I am now looking for a script that will take in a list of web sites and inform me if any of their SSL certificates have been revoked. Newer browsers (Firefox 3.x and IE 7.x) check web site SSL certificates to see whether or not they have been revoked before it starts to load the site.

I work in a large organization where someone else manages the SSL certificates that I use. They have accidentally revoked some of my certificates in the past and have caused issues with users who have newer browsers. Hence, proactively checking my SSL certificates to see if they have been revoked is important to me.

Please let me know if you know of a way to do this.

Thanks very much!
Old 06-15-2008, 01:59 AM   #2
Senior Member
Registered: May 2008
Location: planet earth
Distribution: Debian
Posts: 1,732

Rep: Reputation: 50
Update your certificate revocation list regularly from the public CAs and any other CAs you may use. You probably want a single machine to do this, and all your other computers can update from that machine. Hmm ... perhaps the SSL/TLS libraries need an option to check for revocation from the CA before proceeding. At the moment I am only aware of checking against a local revocation list.
Old 11-05-2010, 02:31 PM   #3
LQ Newbie
Registered: Nov 2010
Posts: 1

Rep: Reputation: 0
Exclamation An SSL diagnostic tool

dslehman, a tool that may help with monitoring SSL certificates is a web-based one that I use for certs but also monitoring sites in general. Basically its a diagnostic http/https tool with alert capability to monitor SSL certificates, expiration dates, etc. Its free so may be worth checking out -
Old 11-08-2010, 07:14 PM   #4
Registered: Jan 2009
Location: /dev/ph
Distribution: Fedora, Ubuntu, Redhat, Centos
Posts: 299

Rep: Reputation: 62
You can also use the openssl verify command in a shell script to check if certifiates have expired and lots more.


certificate, linux, openssl, script, ssl

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Openssl - verify wheather certificate is revoked djgerbavore Linux - Security 1 11-21-2005 07:20 AM
SSL Certificate The_JinJ Linux - General 1 03-21-2005 11:46 PM
ssl-certificate twantrd Linux - General 1 03-31-2004 08:47 AM
SSL Certificate terminology dvong3 Linux - General 1 12-19-2003 08:50 AM
SSL certificate without..... Drogo Linux - Software 1 06-13-2003 02:13 AM > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 05:59 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration