Is it possible to query freeradius' certificate expiration remotely?
Kristofer Hallin
kristofer at sunet.se
Tue May 2 05:12:29 UTC 2023
No, there are no functionality in FreeRADIUS to do that. And you get connection refused since FreeRADIUS listen on UDP ports.
/K
> On 2 May 2023, at 02:05, Matt H <meh1963 at gmail.com> wrote:
>
> Is it possible to query freeradius' certificate expiration date remotely
> for the cert in /etc/raddb/certs?
>
> I'm trying to set up an alert so there's notification when the cert is <60
> days from requiring renewal.
>
> I'm trying the following but the command returns connection refused on all
> of the ports I expected it to work on:
>
> openssl s_client -servername rad2.domain.com -connect rad2.domain.com:1813
> | openssl x509 -noout -dates
>
> I've tried ports 443, 8080, 88, 1812, 1813, 1645, 1646, and everything else
> I can find that might be listening, to no avail.
>
> Thanks for any guidance
> /mh
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list