Forum OpenACS Development: Announcement: certificate expiration warnings for admins

Request notifications

Dear all,

the HEAD version of OpenACS has the new capability to warn site-admins about expiring certificates. This is particular useful for users of NaviServer's letsencrypt module, since letsencrypt has short certificate validity periods of 90 days. The behavior can be tailored with the two package parameters of acs-admin, named "ExpireCertificateEmail" and "ExpireCertificateWarningPeriod".

The new code registers a scheduled procedure that runs every night, checks the certificates in use by the server using the OpenSSL command-line tool and sends a warning, when the remaining validity time is below some threshold. The code does not depend on letsencrypt and works for all certificates.

all the best
-gustaf neumann

[1] http://cvs.openacs.org/changelog/OpenACS?cs=MAIN%3Agustafn%3A20180927085905
[2] https://openacs.org/forums/message-view?message_id=5395615