This is the command check_ssl_cert that can be run in the OnWorks free hosting provider using one of our multiple free online workstations such as Ubuntu Online, Fedora Online, Windows online emulator or MAC OS online emulator
PROGRAM:
NAME
check_ssl_cert - checks the validity of X.509 certificates
SYNOPSIS
check_ssl_cert -H host [OPTIONS]
DESCRIPTION
check_ssl_cert A Nagios plugin to check an X.509 certificate:
- checks if the server is running and delivers a valid certificate
- checks if the CA matches a given pattern
- checks the validity
ARGUMENTS
-H,--host host
server
OPTIONS
-A,--noauth
ignore authority warnings (expiration only)
--altnames
matches the pattern specified in -n with alternate names too
-C,--clientcert path
use client certificate to authenticate
--clientpass phrase
set passphrase for client certificate.
-c,--critical days
minimum number of days a certificate has to be valid to issue a critical status
-e,--email address
pattern to match the email address contained in the certificate
-f,--file file
local file path (works with -H localhost only)
-h,--help,-?
this help message
--long-output list
append the specified comma separated (no spaces) list of attributes to the plugin
output on additional lines. Valid attributes are: enddate, startdate, subject,
issuer, modulus, serial, hash, email, ocsp_uri and fingerprint. 'all' will include
all the available attributes.
-i,--issuer issuer
pattern to match the issuer of the certificate
-n,---cn name
pattern to match the CN of the certificate
-N,--host-cn
match CN with the host name
--ocsp check revocation via OCSP
-o,--org org
pattern to match the organization of the certificate
--openssl path
path of the openssl binary to be used
-p,--port port
TCP port
-P,--protocol protocol
use the specific protocol: http (default) or smtp,pop3,imap,ftp (switch to TLS)
-s,--selfsigned
allows self-signed certificates
-S,--ssl version
force SSL version (2,3)
-r,--rootcert cert
root certificate or directory to be used for certficate validation (passed to
openssl's -CAfile or -CApath)
-t,--timeout
seconds timeout after the specified time (defaults to 15 seconds)
--temp dir
directory where to store the temporary files
--tls1 force TLS version 1
-v,--verbose
verbose output
-V,--version
version
-w,--warning days
minimum number of days a certificate has to be valid to issue a warning status
DEPRECATED OPTIONS
-d,--days days
minimum number of days a certificate has to be valid (see --critical and --warning)
Use check_ssl_cert online using onworks.net services