Improvement of expiry emails

Hi, is there any chance that the expiration emails include some more information about the certificate which is about to expire?

like serial no. and valid from/to?!

this would make it much more easier to check whether the certificate was exchanged already?!

there are plenty of information available, why not use them?

$ echo "check time: $(date)"; cc letsencrypt.org
check time: Mon  5 Aug 15:26:16 CEST 2024
FQDN: letsencrypt.org PORT: 443 IP: letsencrypt.org (DNS IP: 35.156.224.161 18.192.94.96 2a05:d014:275:cb02::c8 2a05:d014:275:cb01::c8 )
md5 Fingerprint =       65:39:C5:B4:21:A4:20:6B:7A:52:83:B5:8F:FE:AC:2F
sha1 Fingerprint        =       66:AC:9D:73:12:EF:63:6B:50:3A:55:A4:43:19:72:13:DF:97:32:B9
sha256 Fingerprint      =       45:F6:1D:89:B6:13:31:66:18:82:DA:04:A6:BF:BD:E1:4E:FF:1D:E6:2D:2D:33:9F:7A:20:4B:0B:2B:DA:25:A3
Serial Number:            03:48:21:0e:84:af:e4:3a:53:dc:f7:77:96:ac:23:6d:50:c3
Issuer: C = US
 O = Let's Encrypt
 CN = E6
Not Before: Jun 10 17:12:26 2024 GMT
Not After : Sep  8 17:12:25 2024 GMT
Subject: CN = lencr.org
DNS:lencr.org
 DNS:letsencrypt.com
 DNS:letsencrypt.org
 DNS:www.lencr.org
 DNS:www.letsencrypt.com
 DNS:www.letsencrypt.org
verify depth is 42
depth=2 C = US, O = Internet Security Research Group, CN = ISRG Root X1
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = E6
verify return:1
depth=0 CN = lencr.org
verify return:1
DONE
Verify return code: 0 (ok)
    Verify return code: 0 (ok)
$

Issuer is a bit useless here but this is just an example of what I use to the check certificates on the internet.

Many Thanks!

5 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.