Prefetch Technologies // Keeping your cache lines cozy

Archive

Posts in Development

Testing SSL services

developmentNov 5, 2005 1 min read

If you manage web applications and servers, you may have encountered a poorly written application or a web server that periodically hangs for no reason. These issues usually pop up out of the blue, and most people rely on their user community to notifiy them when problems are detected. To ensure timely notifications when these problems occur, I developed ssl-service-check. ssl-service-check is written in Bourne shell, and uses the OpenSSL toolkit to connect to a service and issue a "GET /." If the service fails to respond, ssl-cervice-check will log an error to syslog and send an e-mail to the address defined in the global ADMINS variable…

$ read more →
earlier

Printing the certificate issuer with ssl-cert-check

developmentOct 16, 2005 1 min

I modified ssl-cert-check this weekend to print the certificate issuer along with the certificate expiration date: Hopefully this will make renewals easier for folks using ssl-cert-check.

$ read more →

Testing for expired certificates

developmentOct 9, 2005 2 min

I made some major enhancements to ssl-cert-check, and released a new version to the daemons.net web server. The new version no longer requires GNU date, which should make it a bit more portable. If you have never used ssl-cert-check before, you can start by reviewing the available options with the "-h" (help) option: If you wish to view the expiration date for a PEM encoded X.509 certificate, ssl-cert-check can be invoked with the "-c" (certificate file to process) option and a certificate file to process: To check when an SSL-enabled server's certificate will expire, ssl-cert-check can be executed with the "-s" (server name) and "-p" (TCP port to use) options: If you manage dozens of SSL-enabled servers, you can place the server names and port numbers in a file, and run ssl-cert-check against that file: ssl-cert-check can also be used to provide automated alerts when certificates are about to expire. The following example uses ssl-cert-check's "-q" (quiet -- don't write anything to the terminal), "-a" (automated alerts) and "-e" (e-mail address to send alert to) options to send an e-mail to admin@daemons.net if a certificate will expire in the next 60-days: The automated alert option can also be used with the batch processing mode, and will trigger one automated notification per problematic certificate…

$ read more →

New version of ldap-stats.pl (version 3.0)

developmentSep 25, 2005 3 min

I had been meaning to update ldap-stats.pl for quite some time, and finally got the updates completed this afternoon. The new version contains usage breakdowns by hour of day, day of month, and months in the year: The time breakdowns can be useful for finding bootleg cron jobs, and attempts to illegally access the directory server. Let me know if you find any problems!

$ read more →

ldap-gather.pl update

developmentSep 18, 2005 1 min

I finally took the time to cleanup ldap-gather.pl. The new version (2.0) provides the same functionality as before, but several lines of cruft were removed. I also added additional comments to help me figure out what I was doing a year from now. Shibby!

$ read more →