Windows PKI blog

News and information for public key infrastructure (PKI) and Active Directory Certificate Services (AD CS) professionals

Verifying The SSL Certificate Expiration with a tool

Verifying The SSL Certificate Expiration with a tool

  • Comments 5
  • Likes

An active member of our community developed a very handy tool to verify - or let's actually say monitor - the validity of SSL server certificates.

After downloading and extracting the the ZIP-file the tool is quite self explanatory. Press CTRL+A or click Add Server Entry on the Server List menu. Once you have entered the web address and SSL port, the entry appears in the list of servers.

image

To perform the verification, just click the Scan button on the toolbar. The validity information is added to the table.

If you'd need to regularly verify the time validity of SSL certificates, save the server list for re-use.

Comments
  • I like the tool and the benefit that it provides, but there's some improvements I would really like to see:

    * Sorting on the dates and days left to be based on the date and days left, not the string.

      In this tool, the list 1, 11, 140, 2, 24, 3 is an ordered list instead of 1, 2, 3, 11, 24, 140 as it should be

    * Running the tool on a large list of domains takes a while and ends up requiring a lot of user input. (every error encountered requires a click). I would rather see the error go to the Subject field than have a MessageBox pop up every time.

    * Similarly, from the perspective of a large list, an import ability (non-XML) of hosts or hosts+ports (copy+paste or csv)

    * When you enter in a wildcard certificate and the tool is able to resolve it and pull back a certificate, the view feature will not work because the '*' is an invalid character for a file. (When you try to write it to the Local Settings\Temp directory, try a different character like ^ or &)

    * There is a "System.ArgumentOutOfRangeException: InvalidArgument=Value of '0' is not valid for 'index'." when you select 'View Certificate' if nothing is selected, just check the bounds before attempting to do work.

    Again, thanks a lot for the tool!

  • MS2065, can we have the download link available again ?

    Thanks

    FPG

  • If you wish to automate SSL certificate validation (say, running against multiple servers), you can use my PowerShell implementation: en-us.sysadmins.lv/.../Post.aspx

    BTW, I've uploaded a copy of the tool.

    HTH.

  • Vadims, Thanks for uploading the tool. For sure I'll take a look against your PS script as well

    Thanks

    Fernando Poitivin Gonçalves

  • The link to the download does not work?

Your comment has been posted.   Close
Thank you, your comment requires moderation so it may take a while to appear.   Close
Leave a Comment