Hello,
we have created around 120 users in the Ipfire under OpenVPN. These certificates will soon expire, now I have to click into each individual certificate to see the expiry date.
Is there a way to generate a list of the certificates that are about to expire?
thx
touro411
You will have to do it from the console command line with a script.
The command to find the end date from the certs is
cat /var/ipfire/ovpn/certs/xxxxxcert.pem | openssl x509 -noout -enddate
where xxxxx is the connection name for each user. Your script just needs to cycle through all the xxxxxcert.pem files in /var/ipfire/ovpn/certs
The above command gives the following example output
notAfter=Dec 2 19:34:21 2022 GMT
which can then be filtered by the script as desired.
If I type the command in putty, it works fine…
How can I create a cycle through all pem files? With an array?
searching for “bash loop through files in directory” gets lots of links on how to do that.
Matthias, here’s a short script …
cd /var/ipfire/ovpn/certs/
for f in $(ls *cert.pem); do
z=`cat $f | openssl x509 -noout -enddate`;
printf "%s \t %s \n" "$f" "$z" ;
doneHello,
this is a pretty script from anon42188109, but i wuold like to have it in:
DD MM YYY hh:mm:ss Name
not like
notAfter=Dec 2 19:34:21 2022 GMT
Best Regards
sorry to say, but anon42188109 is a user that left the Community and you are probably on your own.
Since this is an old thread (2+ years), I am going to close this topic.