Henrik,
The website is private. I've already rolled back the code but I can reapply the patch and take screen shots if need be.
Judging from the fact that Xymon was saying that the certificates expired about 42 years ago, a couple of the programmers here indicate that it's not picking up data from the certificate properly and interpreting that as the epoch and counting forward from there for expiration date.
Here is the output from the command you requested...
CONNECTED(00000003) depth=2 C = US, O = "The Go Daddy Group, Inc.", OU = Go Daddy Class 2 Certification Authority verify return:1 depth=1 C = US, ST = Arizona, L = Scottsdale, O = "GoDaddy.com, Inc.", OU = http://certificates.godaddy.com/repository, CN = Go Daddy Secure Certification Authority, serialNumber = 07969287 verify return:1 depth=0 OU = Domain Control Validated, CN = fwbox.feeneywireless.com verify return:1
Certificate chain 0 s:/OU=Domain Control Validated/CN=fwbox.feeneywireless.com i:/C=US/ST=Arizona/L=Scottsdale/O=GoDaddy.com, Inc./OU=http://certificates.godaddy.com/repository/CN=Go Daddy Secure Certification Authority/serialNumber=07969287 1 s:/C=US/ST=Arizona/L=Scottsdale/O=GoDaddy.com, Inc./OU=http://certificates.godaddy.com/repository/CN=Go Daddy Secure Certification Authority/serialNumber=07969287 i:/C=US/O=The Go Daddy Group, Inc./OU=Go Daddy Class 2 Certification Authority 2 s:/C=US/O=The Go Daddy Group, Inc./OU=Go Daddy Class 2 Certification Authority i:/C=US/O=The Go Daddy Group, Inc./OU=Go Daddy Class 2 Certification Authority
Server certificate -----BEGIN CERTIFICATE----- MIIFaDCCBFCgAwIBAgIHB8iKC1CjJjANBgkqhkiG9w0BAQUFADCByjELMAkGA1UE BhMCVVMxEDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxGjAY BgNVBAoTEUdvRGFkZHkuY29tLCBJbmMuMTMwMQYDVQQLEypodHRwOi8vY2VydGlm aWNhdGVzLmdvZGFkZHkuY29tL3JlcG9zaXRvcnkxMDAuBgNVBAMTJ0dvIERhZGR5 IFNlY3VyZSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTERMA8GA1UEBRMIMDc5Njky ODcwHhcNMTMwNDAzMjIyMzI4WhcNMTYwNDAzMjIyMzI4WjBGMSEwHwYDVQQLExhE b21haW4gQ29udHJvbCBWYWxpZGF0ZWQxITAfBgNVBAMTGGZ3Ym94LmZlZW5leXdp cmVsZXNzLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMelCCph m8VoRZWtaa3H4OWE5G5NaVbsET1rB6OoX90mxUN1eIqi4S4aQtTYeEVFVk+gEq5W p50q3b/G2nUaZAztN4BjfW34FHA3hl8ODRrZNCzwIBpXuxsteVXWiqvWs8WawQVw mmlY62O4vyoUp0cwxm7Tc5j8ep6h0ORrmEmAoqrYqlgHJ09cpJ5kPHER6pp4V2DT ZmYC1u+cMAsmKr8VZ47qc2GUvzJxHuL7znkkpEaJVI+pqp5rhC0fCB0dZHq6rRTS YfxnOXuehS3EYqpQtgDAL0M7XxQlsvF0za//fS+Inlo45IA4vvAkblMatrLlCgVz HkPNcpU2JBQP0q8CAwEAAaOCAdQwggHQMA8GA1UdEwEB/wQFMAMBAQAwHQYDVR0l BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMA4GA1UdDwEB/wQEAwIFoDAzBgNVHR8E LDAqMCigJqAkhiJodHRwOi8vY3JsLmdvZGFkZHkuY29tL2dkczEtODguY3JsMFMG A1UdIARMMEowSAYLYIZIAYb9bQEHFwEwOTA3BggrBgEFBQcCARYraHR0cDovL2Nl cnRpZmljYXRlcy5nb2RhZGR5LmNvbS9yZXBvc2l0b3J5LzCBgAYIKwYBBQUHAQEE dDByMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5nb2RhZGR5LmNvbS8wSgYIKwYB BQUHMAKGPmh0dHA6Ly9jZXJ0aWZpY2F0ZXMuZ29kYWRkeS5jb20vcmVwb3NpdG9y eS9nZF9pbnRlcm1lZGlhdGUuY3J0MB8GA1UdIwQYMBaAFP2sYTKTbEXW4u6FX5q6 53aZaMznMEEGA1UdEQQ6MDiCGGZ3Ym94LmZlZW5leXdpcmVsZXNzLmNvbYIcd3d3 LmZ3Ym94LmZlZW5leXdpcmVsZXNzLmNvbTAdBgNVHQ4EFgQUvv+bnMlX2yH6jZ5b 5JtnZFh+5H0wDQYJKoZIhvcNAQEFBQADggEBAJbY4wbgbUmkgBsbvAQJNPcNBW+R Rbyj3zQEyJovR0OA6nGfXwRsoR/ZgtlO64efL/+nuGQYv4XUrOK1z7dylfTvIgVY LDqSOF2kr+LK3WI1EuOSYlsmVooy5fcb4RG715S1fJqvaOEilmMX6LR6ys6F1wxb Cz2i6e/6qLkfKODDweh1Gp0rnFUFWhVOJedp/j5Erpy6cvzG+eviB+EfEdBGIvI6 850iEBUteVGu8BQ2A6pCjwAi6eK/Mb/3y+JaTXbi/9KvRRNH65Vczy/Q+Ud+9cci 9Ns6rNeVByqt7sptYR7QSsfh/YsSea4fWPDd2QtobJ4dFsZK6PRzwzedROo= -----END CERTIFICATE----- subject=/OU=Domain Control Validated/CN=fwbox.feeneywireless.com issuer=/C=US/ST=Arizona/L=Scottsdale/O=GoDaddy.com, Inc./OU=http://certificates.godaddy.com/repository/CN=Go Daddy Secure Certification Authority/serialNumber=07969287
-----Original Message----- From: Xymon [mailto:xymon-bounces at xymon.com] On Behalf Of Henrik Størner Sent: Tuesday, August 06, 2013 9:49 PM To: xymon at xymon.com Subject: Re: [Xymon] SSL Certs on servers with multiple virtualhosts
Here is the output of the sslcert page in Xymon for that virtual server. It is the second virtual server configured - the first being vzw.
SSL certificate for https://fwbox.feeneywireless.com/ expires in 1357 days
Server certificate: subject:/OU=Domain Control Validated/CN=vzw.feeneywireless.com start date: 2013-04-25 23:08:28 GMT expire date:2017-04-25 22:44:17 GMT key size:2048 issuer:/C=US/ST=Arizona/L=Scottsdale/O=GoDaddy.com, Inc./OU=http://certificates.godaddy.com/repository/CN=Go Daddy Secure Certification Authority/serialNumber=07969287
John Alexander
Hi John,
On 06-08-2013 23:38, John D. Alexander wrote:
There seems to be a math error in there. It has my certificates having expired 15500 days ago.
is this a public website so I can try it myself ?
If not, could you please run
openssl s_client -servername "www.yoursite.com"
-connect your.server.ip:443
(substite the site-name and IP as appropriate) ? I'm interested in the certificate itself - the part of the output that looks like
Server certificate -----BEGIN CERTIFICATE----- MIIFITCCBAmgAwIBAgIDCDa4MA0GCSqGSIb3DQEBBQUAMDwxCzAJBgNVBAYTAlVT MRcwFQYDVQQKEw5HZW9UcnVzdCwgSW5jLjEUMBIGA1UEAxMLUmFwaWRTU0wgQ0Ew al4b4feKk2DNYYrZ3N3v/8XruC27BRfo4HMi7P/xwUHu2LtcHvOIyQkHPg3GAENP ... more lines like these ... psilcHKH+ghFIeP5KSaDJYlKN2WZ -----END CERTIFICATE-----
Thanks, Henrik
Xymon mailing list Xymon at xymon.com http://lists.xymon.com/mailman/listinfo/xymon