Software /
code /
prosody
Comparison
prosodyctl @ 7210:48149ecbb649
prosodyctl: check certs: Warn about certificate expiry in the near future
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Sun, 28 Feb 2016 18:24:12 +0100 |
parent | 7209:92e5036bc55c |
child | 7211:117f4a627813 |
child | 7212:167dbd29fbeb |
comparison
equal
deleted
inserted
replaced
7209:92e5036bc55c | 7210:48149ecbb649 |
---|---|
1241 print(" Certificate: "..ssl_config.certificate) | 1241 print(" Certificate: "..ssl_config.certificate) |
1242 local cert = load_cert(cert_fh:read"*a"); cert_fh = cert_fh:close(); | 1242 local cert = load_cert(cert_fh:read"*a"); cert_fh = cert_fh:close(); |
1243 if not cert:validat(os.time()) then | 1243 if not cert:validat(os.time()) then |
1244 print(" Certificate has expired.") | 1244 print(" Certificate has expired.") |
1245 cert_ok = false | 1245 cert_ok = false |
1246 elseif not cert:validat(os.time() + 86400) then | |
1247 print(" Certificate expires within one day.") | |
1248 cert_ok = false | |
1249 elseif not cert:validat(os.time() + 86400*7) then | |
1250 print(" Certificate expires within one week.") | |
1251 elseif not cert:validat(os.time() + 86400*13) then | |
1252 print(" Certificate expires within one month.") | |
1246 end | 1253 end |
1247 if config.get(host, "component_module") == nil | 1254 if config.get(host, "component_module") == nil |
1248 and not x509_verify_identity(host, "_xmpp-client", cert) then | 1255 and not x509_verify_identity(host, "_xmpp-client", cert) then |
1249 print(" Not vaild for client connections to "..host..".") | 1256 print(" Not vaild for client connections to "..host..".") |
1250 cert_ok = false | 1257 cert_ok = false |