How do I know that certificate renewal has worked?

I just got an e-mail that my certificate is about to expire in 20 days, but there was no information how to renew my certificate. I found settings deep in my Synology NAS and clicked Renew certificate. There was no indication that there was success or failure to renew the certificate. How do I know if the renewal has worked? Which procedure is normally used when renewing the certificate? Can I make it happen automatically?

1 Like

Where do you use your certificate for? A website? You can check the certificate in your browser. It depends on the browser how though, use Google to find out.

2 Likes

It is for remote backup purpose so there is no web page to go to to get certificate info from a f a i k. I have tried to surf to the address, but there is no response.

For every TLS enabled service you should be able to connect to it with the openssl s_client command. You'd need to find out which port is used for that backup service and connect to it using:

openssl s_client -connect $hostname_or_ip_address:$portnumber

This would show you the PEM encoded certificate, which isn't very useful, but luckily you can pipe that directlly to the openssl x509 module:

openssl s_client -connect $hostname_or_ip_address:$portnumber | openssl x509 -noout -text

This should show you the certificate currently in use with the service you connected to.