#Syncovery before script as admin pro
# - Add support for connecting to the mail sbmission port - Luis E.Could you confirm that SyncBack Pro (since you use it) does mandatorily follow folder symlinks even in its current version, or better even, tell that by option, it does NOT follow them, which for sync and backup purposes, would be the wished-for behavior.
# - Add support for connecting to imap servers - Joerg Pareigis # - Add support for connecting to FTP servers - Paul A Sand # - Added check to verify the certificate retrieved is valid # - Fixed a bug in certificate length checking - Tim Nowaczyk
# - Added the number of days until expiration to the Nagios output - Nick Anderson # - Adjust e-mail checking to avoid exiting if notifications aren't enabled - Nick Anderson # - Add a "-v" option to specify a specific protocol version (ssl2, ssl3 or tls) # - Fixed typo in date2julian routine - Ken Cook # - Utilize the -clcerts option to limit the results to client certificates - Eitan Katznelson # - Set RETCODE to 3 (unknown) if a connection error occurs - Dan Doyle # - Check for "no route to host" errors - Dan Doyle # - Allow the certificate type (PEM, DER, NET) to be passed on the command line # - Enable the TLS -servername extension by default - Juergen Knaack & Johan Denoyer # - Add a check to look for the existence of a mail program. # - Add an additional check to pick up bad / non-existent certificates # - Allow white spaces to exist in the certificate file list # - Added a DEBUG option to assist with debugging folks who use the script # - Add the openssl -servername flag if it shows up in help. # - Added option to specify email sender address # - Cleaned up many formatting - Marcel Pennewiss # - Add a "-N" option to create summarized Nagios output - Marcel Pennewiss # - Add a "-d" option to specify a directory or file mask pattern - Marcel Pennewiss # - Set RETCODE to 3 (unknown) if a certificate file does not exist - Marcel Pennewiss # - Use highest returncode for Nagios output - Marcel Pennewiss # - Fixed the test for the -servername flag - Kitson Consulting. # - Define the version in the PROGRAMVERSION variable # - Print the version with the "-V" option. # - First round of updates to make shellcheck happy # - Updated the script syntax to align with UNIX shell programming # - Change CERTDAYS to CERTDIFF in the e-mail subject. # - Fix unquoted MAIL and MAILMODE variables in help output # - Use command -v instead of which utility to satisfy shellcheck. # if the script doesn't exit() cleanly - Timothe Litt # - Add a signal handler to call the cleanup funtion # - Switched openssl CLI options to use an array.
# - Set the default TLS version to 1.1 (can be overridden with -v) # - Fixed an innocuous whitespace bug in TLSFLAG variable creation Reply to this email directly, view it on GitHub, or mute the thread. You are receiving this because you authored the thread. PEM routines:PEM_read_bio:no start line ( #50)Ĭan you add set -vx to the top of the script and e-mail me the output? Also, can you save the CERT_TMP and ERROR_TMP files? Those will help me figure out what is going on (could be the SSL version). Februar 2019 15:29īetreff: Re: Getting error unable to load certificate. The openssl version in the runtime path is indeed very old (OpenSSL 1.0.1i-fips ). The files CERT_TMP and ERROR_TMP where not created. In stdout.txt you see that the certificate is considered expired although it is actually valid until. The stdout and stderr outputs are attached (with redacted server and port -> ) I ran the script with set -vx at the top for just one server where ssl-cert-check fails since the latest commits.