2019-02-08 Version 1.82.0: Added a check on the readability of the certificate file
2019-02-01 Version 1.81.0: Added an option to specify a warning level with SSL Labs
2019-01-16 Version 1.80.1: Fixed a problem on systems not supporting echo -e
2018-12-24 Version 1.80.0: Better output in case of errors while using SNI
2018-12-10 Version 1.79.0: Differentiate between IMAP on port 143 and IMAPS on port 993
                           Fixed a vulnerability in the parsing of the certificate issuer
2018-11-07 Version 1.78.0: Bug fixes in IMAP and HTTP requests
2018-11-05 Version 1.77.0: CA file and directory support
2018-10-19 Version 1.76.0: Sends a correct HTTP request
2018-10-18 Version 1.75.0: Allow to specify a client certificate key
2018-10-15 Version 1.74.0: Fixed a bug generating a confusing error message on timeout
2018-09-10 Version 1.73.0: Fixed a bug in the cleanup of temporary files, fixed a bug with certificates without OCSP
                           Fixed tests with more reliable hosts
                           Allows to check against all the issuers in the CA chain
                           Fixed a bug with --long-output on Linux
			   Fixed the validation of --critical and --warning
2018-07-01 Version 1.72.0: Corrected a bug introduced in 1.71.0: remove temporary files
2018-07-01 Version 1.71.0: Corrected a bug introduced in 1.70.0: wrong exit codes
2018-06-28 Version 1.70.0: Improved the management of temporary files
2018-06-25 Version 1.69.0: Added an option to require OCSP stapling
2018-04-29 Version 1.68.0: Removed the SNI name check
2018-04-17 Version 1.67.0: Terse output, warning if the specified server name is not found in the certificate and --format option
2018-04-06 Version 1.66.0: UTF-8 output
2018-03-29 Version 1.65.0: Bug fix release
2018-03-28 Version 1.64.0: Remove cURL dependency
2018-03-17 Version 1.63.0: Support for TLS 1.3
2018-03-06 Version 1.62.0: Support for LibreSSL
2018-01-19 Version 1.61.0: Fixed a bug handling more than one OCSP host
2017-12-15 Version 1.60.0: Fixed a bug related to XMPP introduced in the last version
2017-12-14 Version 1.59.0: Added an option to specify the 'to' attribute of the XMPP stream element
2017-11-29 Version 1.58.0: Support for DER encoded CRL files
2017-11-28 Version 1.57.0: Added --fingerprint to check the SHA1 fingerprint of the certificate
2017-11-17 Version 1.56.0: Added support for -xmpphost if available
2017-11-16 Version 1.55.0: Fixed XMPP support and IPv6 addresses as host
2017-09-19 Version 1.54.0: With the -f command line option, you can also specify a certificate revocation list (CRL)
2017-09-10 Version 1.53.0: The timeout is applied to OCSP checks
2017-09-09 Version 1.52.0: The SAN requirement check is now optional
2017-07-28 Version 1.51.0: Use openssl s_client's -help option to test for SNI support
2017-07-24 Version 1.50.0: Fix in the Common Name parsing
2017-07-17 Version 1.49.0: Support for OpenSSL 1.1
2017-06-22 Version 1.48.0: Checks for missing subjectAlternativeName extension (https://support.google.com/chrome/a/answer/7391219?hl=en)
2017-06-15 Version 1.47.0: Fixed an issue with OCSP URI with protocols other than HTTP or HTTPS
2017-05-15 Version 1.46.0: Fixed a problem with the detection of OCSP URLs
2017-05-02 Version 1.45.0: Fixed bugs in the date computation and OCSP checks
2017-04-28 Version 1.44.0: Fixed a bug occurring when more than one issuer URI is present
2017-03-07 Version 1.43.0: Support for LDAP
2017-02-16 Version 1.42.0: Support for OpenSSL > 1.1.0
2017-02-10 Version 1.41.0: Added --sni to specify the server name
2017-02-08 Version 1.40.0: Changed the CN output when --altnames is used
2017-02-02 Version 1.39.0: Fixed a bug related to SNI
2017-02-02 Version 1.38.2: Fixed a bug in the command line argument parsing
2017-01-29 Version 1.38.1: Small corrections in the documentation
2017-01-28 Version 1.38.0: Added support for wildcards in alternative names and caching of the issuer certificate
2016-12-23 Version 1.37.0: Added a patch to specify multiple CNs
2016-12-13 Version 1.36.2: fixed a minor problem with --debug
2016-12-06 Version 1.36.1: fixed a problem when specifying a CN beginning with *
2016-12-04 Version 1.36.0: fixed problem when file is returing PEM certificate on newer
                           Linux distributions
			   added an option to specify the location of the file utility
2016-10-18 Version 1.35.0: added support for the selection of the cipher authentication
2016-09-19 Version 1.34.0: added proxy support for the OCSP checks (thanks to Leynos)
2016-08-04 Version 1.33.0: disabling OCSP checks when no issuer URI is found
2016-07-29 Version 1.32.0: added support for date with timestamp calculation and
                           fixed case sensitive comparison of CN
2016-07-12 Version 1.31.0 Fixed the parsing of the CN field
2016-06-30 Version 1.30.0 OCSP check is fixed and enabled by default
2016-06-15 Version 1.29.0 New option to clear the cached value at SSL Labs
                          IRC support
2016-06-01 Version 1.28.0 Increased control over which SSL/TLS versions to use
2016-03-29 Version 1.27.0 Fixes a bug in the OpenSSL error parsing
2016-03-29 Version 1.26.0 Fixes a bug in wildcard match
2016-03-21 Version 1.25.0 Fixes a bug on CN parsing on non-GNU systems
                          Handle wildcard certificates
2016-03-09 Version 1.24.0 Waits for SSL Labs Results
2016-03-07 Version 1.23.0 Supports SNI even when not checking CN and does not
  	   	   	  issue a critical when SSL Labs is still checking a host
2016-03-03 Version 1.22.0 Initial support for SSL Labs checks
	   	   	  Support for UTF output (thanks to Konstantin Shalygin)
2016-03-01 Version 1.21.0 Fixed a bug which prevented the check on the expiration date
2016-02-26 Version 1.20.0 Added debugging output (-d or --debug)
                          Improved the handling of OpenSSL error messages
			  Does not stop the validation if the server requires a
			  client certificate
2016-02-25 Version 1.19.0 Added a check for certificates signed with SHA-1 or MD5
                          Added an option to disable the expiration date check
2015-10-31 Version 1.18.0 Added an option to check the certificate's serial number
                          (thanks to Milan Koudelka)
2015-10-20 Version 1.17.2 Fixed a bug with OCSP
2015-04-07 Version 1.17.1 Fixed the check on the openssl binary
2014-10-21 Version 1.17.0 Added an option to check revocation via OCSP
2014-06-06 Version 1.16.2 Fixed a problem with -servername when -n was not specified
2014-02-28 Version 1.16.1 Added a Make target for the RPM package
2013-12-23 Version 1.16.0 Added an option to force TLS version 1
2013-07-29 Version 1.15.0 Added an option to force a certain SSL version (thanks
                          to Max Winterstein)
2013-05-12 Version 1.14.6 Added XMPP and timeout support (thanks to Christian
                          Ruppert and Robin H. Johnson)
2013-03-02 Version 1.14.5 Fixed a bug occuring with TLS and multiple names in
                          the certificate
2012-12-07 Version 1.14.4 Fixed a bug causing -N to always compare the CN
                          with 'localhost'
2012-09-19 Version 1.14.3 Improved the error message in case of a failure in
                          the certificate download
2012-07-13 Version 1.14.2 Added the name since or to expiration in the plugin
                          output.
2012-07-11 Version 1.14.1 FIxed a bug with Perl date computation on some systems
2012-07-06 Version 1.14.0 The status now includes performance data in days until
                          expiration (requires perl with Date::Parse).
                          It is now possible to print additional information in
                          the plugins long output (multiline, Nagios 3 only)
2012-04-05 Version 1.13.0 The plugin will now try to fetch the certificate without
                          without TLS extensions in case of error
2012-04-04 Version 1.12.0 Fixed a bug in the chain verification (hard coded
                          error number)
2011-10-22 Version 1.11.0 --altname option
2011-09-01 Version 1.10.0 Applied a patch from Sven Nierlein to authenicate
                          using a client certificate
2011-03-10 Version  1.9.1 Allows HTTP as protocol and fixes -N with wildcards
2011-01-24 Version  1.9.0 Added an option to specify the openssl executable
2010-12-16 Version  1.8.1 Fixed bugs with environment bleeding & shell globbing
2010-12-08 Version  1.8.0 Added support for TLS servername extension in
                          ClientHello
2010-10-28 Version  1.7.7 Fixed a bug in the signal specification introduced
                          in 1.7.6
2010-10-28 Version  1.7.6 Better temporary file clean up (thanks to Lawren
                          Quigley-Jones)
2010-10-14 Version  1.7.5 Applied a patch from Yannick Gravel fixing the test
                          order
2010-10-01 Version  1.7.4 Applied a patch from Lawren Quigley-Jones adding the
                          -A option
2010-09-15 Version  1.7.3 Fixed a bug in the option processing
2010-08-26 Version  1.7.2 Removes useless use of cat, better test for expect
                          utility
2010-08-26 Version  1.7.1 Replaces "-verify 6" which was erroneously removed in
                          the previous version
2010-08-26 Version  1.7.0 Overloaded --rootcert option to allow -CApath as well
                          as -CAfile
2010-07-21 Version  1.6.1 Added an option to specify where to temporarily
                          store the certificate
2010-07-09 Version  1.6.0 Added long command line options and substituted
                          -days with --critical and --warning
2010-07-07 Version  1.5.2 Added the -f option to check a local file
2010-07-01 Version  1.5.1 Fixed the plugin output
2010-03-11 Version  1.4.4 Fixed bug #64 (== bashism)
2010-03-09 Version  1.4.3 -N and -n options to compare the CN to an hostname
2009-12-02 Version  1.4.2 the -i ISSUER option now checks if the O= or the
                          CN= fields of the root certificate match
2009-11-30 Version  1.4.1 -r to specify the root cert to be used for
                          verification
2009-11-30 Version  1.4.0 certificate chain verification
2009-03-30 Version  1.3.0 -P option to check TLS certificates
                          (SMTP, FTP, POP3, ...)
2008-05-13 Version  1.2.2 include the CN in the messages (D. Wallis)
2008-02-25 Version  1.2.1 better error handling
2008-02-25 Version  1.2.0 general cleanup (POSIX compliance, removed
                          nmap dependency, ...) from Dan Wallis
2007-08-31 Version 1.1.0  - option to enforce a given email address
                          - option to enforce a given organization
                          - temporary files cleanup upon exit
2007-08-15                Bug fix: openssl did not close the connection cleanly
2007-08-10                First release (1.0)
