[Cross-posting to news:relcom.comp.security for no good reason
I wonder, is there a simplistic free software X.509 "server"
Two features I seek are:
* check all the X.509 certificate files (mostly PEM) specified
for whether they're going to expire anytime soon, and produce
a list thereof; (ideally, the list would include not just the
filename, but also the Subject:, Issuer: and Serial: fields;
* take a list of the files holding the old (one per file) and
renewed (possibly many per file) certificates and overwrite
the old ones with new.
PS. I'm using https://CAcert.org/
certificates on a bunch of hosts, and
have some trouble renewing them every 6 months.
FSF associate member #7257