Certificate Expiration Dates
Have you ever had a certificate expire and COREid components stop functioning on you?
Once you figured out that it was a certificate you were like, “oh-oh, there might be a few more expiring in the next few minutes, hours, days, etc.” This is one of those things that us mere mortals re-learn how to do once a year and then promptly re-forget immediately afterwards.
The openssl tool installed alongside each COREid component can be used to determine the valid dates for a certificate. The following example examines a self signed COREid certificate (“simple mode”) . The same example holds true for all COREid components: Identity Server, Access Server, WebPass, WebGate and Access Manager (frequently installed alongside WebGate).
C:\>cd \Program Files\COREid\WebComponent\access\oblix\tools\openssl
C:\>openssl x509 -in ..\..\config\simple\aaa_cert.pem -noout -dates
notBefore=Mar 28 22:23:15 2005 GMT
notAfter=Mar 28 22:23:15 2006 GMT