#1
  1. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Apr 2015
    Posts
    3
    Rep Power
    0

    Query a Web Server SSL Cert Expiration Date


    Hi All,

    New to the forum and hope to stay involved here. I wrote a server inventory management system and would like to try and enhance it bit further with some automation, does anyone know how to query an SSL Certs expiration date using cold fusion?

    My plan...

    - Create CF Scheduled Job that would query a list of URL's (https://)
    - Get the the SSL Certs Expiration Date and then compare that with the Current Date
    - Generate automated email if date range is within x number of days

    Thanks!
  2. #2
  3. No Profile Picture
    Moderator

    Join Date
    Jun 2002
    Location
    Raleigh, NC
    Posts
    5,296
    Rep Power
    969
    As far as I know, since this is a fairly specific and unusual use case, there isn't anything built into CF that can do this. You'd have to leverage a Java library, or write your own Java class (or write CF code that invokes the relevant Java classes) to do this.
  4. #3
  5. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Apr 2015
    Posts
    3
    Rep Power
    0
    Thanks! I wasn't sure if I could somehow call a particular URL and leverage some type of remote host identifier and then try and dive deeper.

    Thanks again!
  6. #4
  7. No Profile Picture
    Moderator

    Join Date
    Jun 2002
    Location
    Raleigh, NC
    Posts
    5,296
    Rep Power
    969
    Hmm, actually you might be able to do this (again, using Java). Check this example: Java HttpsURLConnection example, and if you can get the X509 certificate (https://docs.oracle.com/javase/7/doc...rtificate.html), it looks like you can determine the expiration using getNotAfter().
  8. #5
  9. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Apr 2015
    Posts
    3
    Rep Power
    0
    Going to be a learning curve for me but will check that out. I thought I might be able to pull it off with using CFHTTP but it looks like that only returns limited content

    //////// OUTPUT ////////
    Accept-Ranges bytes
    Content-Length 2643
    Content-Location https://www.mywebserverurl.com/home.htm]
    Content-Type text/html
    Date Tue, 21 Apr 2015 17:00:31 GMT
    ETag "e769a22084f5cd1:e3c"
    Explanation OK
    Http_Version HTTP/1.1
    Last-Modified Fri, 18 Jan 2013 14:00:09 GMT
    Server Microsoft-IIS/6.0
    Status_Code 200
    X-Powered-By ASP.NET

IMN logo majestic logo threadwatch logo seochat tools logo