One important part of using SSL is to keep track of expiration dates on certificates. Most client software will rightfully refuse to connect to a server that presents an expired certificate, resulting in interrupted services. For CentOS and other RHEL based distributions, the crypto-utils package contains a very useful utility called certwatch, which can be used to detect whether a certificate will expire in the near future. Read More