The certwatch utility monitors X509 certificates expiration dates by
processing one or more data files containing lists of hostnames with
optional port numbers.
It's mainly used to check the expiration date of HTTPS certificates
(which is the default target when the port number is not indicated),
but the tool is protocol-agnostic and can "talk" to any SNI-aware
(Server Name Information) SSL/TLS server (smtps, imaps, ldaps, etc.)
without making too much assumptions on the correctness of servers
certificates.
The certificates can be saved to a specified directory for further
analysis with other tools (such as OpenSSL).
The tool's results are presented as text tables.
The main one is the list of certificates successfully fetched, ordered
by expiration date. This list can be filtered to only show
certificates expired or expiring within the specified number of days.
The second table is the sorted list of hostnames / hostports where
certificates couldn't be fetched, with our best attempts to identify
the reason why.
Two additional tables can be generated in order to print the common
names and alternate names unmentioned in your input data files.
Finally, for user convenience, all these reports can be generated in a
single multi-tabs Excel workbook.
PR: 277970
Approved by: maintainer, bapt (mentor)
This is the FreeBSD Ports Collection. For an easy to use
WEB-based interface to it, please see:
https://www.FreeBSD.org/ports
For general information on the Ports Collection, please see the
FreeBSD Handbook ports section which is available from:
https://docs.freebsd.org/en/books/handbook/ports/
for the latest official version
or:
The ports(7) manual page (man ports).
These will explain how to use ports and packages.
If you would like to search for a port, you can do so easily by
saying (in /usr/ports):
make search name="<name>"
or:
make search key="<keyword>"
which will generate a list of all ports matching <name> or <keyword>.
make search also supports wildcards, such as:
make search name="gtk*"
For information about contributing to FreeBSD ports, please see the Porter's
Handbook, available at:
https://docs.freebsd.org/en/books/porters-handbook/
NOTE: This tree will GROW significantly in size during normal usage!
The distribution tar files can and do accumulate in /usr/ports/distfiles,
and the individual ports will also use up lots of space in their work
subdirectories unless you remember to "make clean" after you're done
building a given port. /usr/ports/distfiles can also be periodically
cleaned without ill-effect.