Welcome to the check_x509 homepage. Check_x509 in a generic script to check X509 entities for expiration periods. It can be run from nagios, nrpe, cron, on the command line, or in other scripts or programs.

check_x509 is highly configurable. It's config file allows you to specify a list of x509 entities to check and each one can have its own warning/critical thresholds, can be in PEM, DER, or PEM Bundle format, and can be either a certificate or a CRL. In addition, you can specify a global default warning/critical threshold. It will aggregate the result, report the most severe, and list all entities at that level.

Config file options can be overridden on the command line, and exit statuses are suitable for Nagios.

This page is © Phil Dibowitz 2001 - 2019