crypto-utils/certwatch.xml

<?xml version='1.0' encoding='utf-8'?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
  "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
<refentry>

  <refentryinfo>
    <productname>crypto-utils</productname>
    <date>September 2004</date>
  </refentryinfo>

  <refmeta>
    <refentrytitle>certwatch</refentrytitle>
    <manvolnum>1</manvolnum>
  </refmeta>
  
  <refnamediv>
    <refname>certwatch</refname>
    <refpurpose>generate SSL certificate expiry warnings</refpurpose>
  </refnamediv>

  <refsynopsisdiv>
    <cmdsynopsis>
      <command>certwatch</command>
      <arg choice="opt"><option>-q</option></arg>
      <arg choice="plain"><replaceable>filename</replaceable></arg>
    </cmdsynopsis>
  </refsynopsisdiv>
  
  <refsect1>
    <title>Description</title>

    <para>The <command>certwatch</command> program is used to issue
    warning mail when an SSL certificate is about to expire.</para>

    <para>The program has two modes of operation: normal mode and
    quiet mode.  In normal mode, the certificate given by the
    <replaceable>filename</replaceable> argument is examined, and a
    warning email is issued to standard output if the certificate is
    outside its validity period, or approaching expiry.  If the
    certificate cannot be found, or any errors occur whilst parsing
    the certificate, the certificate is ignored and no output is
    produced.</para>

    <para>In quiet mode (when the <literal>-q</literal> argument is
    given), no output is ever produced.</para>
    
  </refsect1>

  <refsect1>
    <title>Diagnostics</title>
    
    <para>In both modes of operation, the exit code indicates the
    state of the certificate:</para>
    
    <variablelist>
      <varlistentry>
        <term><emphasis>0</emphasis></term>
        
        <listitem><simpara>The certificate is outside its validity
        period, or approaching expiry</simpara></listitem>
      </varlistentry>

      <varlistentry>
        <term><emphasis>1</emphasis></term>
        
        <listitem><simpara>The certificate is inside its validity
        period, or could not be parsed</simpara></listitem>
      </varlistentry>
    </variablelist>
  </refsect1>

  <refsect1>
    <title>Notes</title>

    <para>The <command>certwatch</command> program is run daily by
    <command>crond</command> from the file
    <filename>/etc/cron.daily/certwatch</filename> to warn about the
    imminent expiry of SSL certificates configured for use in the
    Apache HTTP server.  This warning can be disabled by adding the
    line: <literal>NOCERTWATCH=yes</literal> to the file
    <filename>/etc/sysconfig/httpd</filename>.</para>

  </refsect1>

  <refsect1>
    <title>Files</title>

    <para><filename>/etc/cron.daily/certwatch</filename></para>
  </refsect1>

</refentry>
- add /usr/bin/certwatch - support --days argument to genkey (#131045) 2004-09-10 14:16:06 +00:00			`<?xml version='1.0' encoding='utf-8'?>`
			`<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"`
			`"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">`
			`<refentry>`

			`<refentryinfo>`
			`<productname>crypto-utils</productname>`
			`<date>September 2004</date>`
			`</refentryinfo>`

			`<refmeta>`
			`<refentrytitle>certwatch</refentrytitle>`
			`<manvolnum>1</manvolnum>`
			`</refmeta>`

			`<refnamediv>`
			`<refname>certwatch</refname>`
			`<refpurpose>generate SSL certificate expiry warnings</refpurpose>`
			`</refnamediv>`

			`<refsynopsisdiv>`
			`<cmdsynopsis>`
			`<command>certwatch</command>`
			`<arg choice="opt"><option>-q</option></arg>`
			`<arg choice="plain"><replaceable>filename</replaceable></arg>`
			`</cmdsynopsis>`
			`</refsynopsisdiv>`

			`<refsect1>`
			`<title>Description</title>`

			`<para>The <command>certwatch</command> program is used to issue`
			`warning mail when an SSL certificate is about to expire.</para>`

			`<para>The program has two modes of operation: normal mode and`
			`quiet mode. In normal mode, the certificate given by the`
			`<replaceable>filename</replaceable> argument is examined, and a`
			`warning email is issued to standard output if the certificate is`
			`outside its validity period, or approaching expiry. If the`
			`certificate cannot be found, or any errors occur whilst parsing`
			`the certificate, the certificate is ignored and no output is`
			`produced.</para>`

			`<para>In quiet mode (when the <literal>-q</literal> argument is`
			`given), no output is ever produced.</para>`

			`</refsect1>`

			`<refsect1>`
			`<title>Diagnostics</title>`

			`<para>In both modes of operation, the exit code indicates the`
			`state of the certificate:</para>`

			`<variablelist>`
			`<varlistentry>`
			`<term><emphasis>0</emphasis></term>`

			`<listitem><simpara>The certificate is outside its validity`
			`period, or approaching expiry</simpara></listitem>`
			`</varlistentry>`

			`<varlistentry>`
			`<term><emphasis>1</emphasis></term>`

			`<listitem><simpara>The certificate is inside its validity`
			`period, or could not be parsed</simpara></listitem>`
			`</varlistentry>`
			`</variablelist>`
			`</refsect1>`

			`<refsect1>`
			`<title>Notes</title>`

			`<para>The <command>certwatch</command> program is run daily by`
			`<command>crond</command> from the file`
			`<filename>/etc/cron.daily/certwatch</filename> to warn about the`
			`imminent expiry of SSL certificates configured for use in the`
			`Apache HTTP server. This warning can be disabled by adding the`
			`line: <literal>NOCERTWATCH=yes</literal> to the file`
			`<filename>/etc/sysconfig/httpd</filename>.</para>`

			`</refsect1>`

			`<refsect1>`
			`<title>Files</title>`

			`<para><filename>/etc/cron.daily/certwatch</filename></para>`
			`</refsect1>`

			`</refentry>`