Certificate monitoring utility for watching tls certificates and reporting the result as metrics.

Last update: Dec 6, 2022

Related tags

Overview

cert-checker

cert-checker is a certificate monitoring utility for watching tls certificates. These checks get exposed as Prometheus metrics to be viewed on a dashboard, or soft alert cluster operators.

This tool is heavily inspired by the awesome version-checker by jetstack.

Supported Certificate Errors

cert-checker supports the following types of certificate errors (and possible more):

Expired certificates
Wrong host
Bad root certificates
Revoked certificate
Cipher suites not allowed
- dh480
- dh512
- null
- rc4

Installation

cert-checker can be installed as a standalone static binary from the release page

latest release

Create a config file like the below example:

config.yaml:

loglevel: debug
intervalminutes: 10
certificates:
    - dns: google.com
    - dns: expired.badssl.com

Run in Docker

You can use the published docker image like this:

First create a config file as above.

# Start docker container (mounting the config file may be different on OSX and Windows)
docker run -p 8080:8080 -v ${PWD}/config.yaml:/app/config.yaml mogensen/cert-checker:latest
# Now open browser at http://localhost:8080/metrics

See released docker images on DockerHub

In Kubernetes as static manifests

cert-checker can be installed as static manifests:

$ kubectl apply -k ./deploy/yaml

Remember to edit the configmap with the actual domains you want to monitor..

Helm

cert-checker can be installed as as helm release:

$ kubectl create namespace cert-checker
$ helm install cert-checker deploy/charts/cert-checker --namespace cert-checker

Depending on your setup, you may need to modify the ServiceMonitor to get Prometheus to scrape it in a particular namespace. See this.

You may also need to add additional labels to the ServiceMonitor. If you have installed the prometheus-community/kube-prometheus-stack with the name of prometheus the following should work:

$ helm upgrade cert-checker deploy/charts/cert-checker \
    --namespace cert-checker            \
    --set=grafanaDashboard.enabled=true \
    --set=serviceMonitor.enabled=true   \
    --set=serviceMonitor.additionalLabels.release=prometheus

Metrics

By default, cert-checker will expose the version information as Prometheus metrics on 0.0.0.0:8080/metrics.

Grafana Dashboard

A Grafana dashboard is also included in this repository. It is located in the deployment folder: deploy/yaml/grafana-dashboard-cm.yaml

Grafana Dashboard

The dashboard shows the following

Number of Broken Certificates
Number of Certificates about to expire
Number of Good Certificates
A list with Certificates with errors
A list of Certificates Expirations for valid certificates

Options

By default, without the flag -c, --config, cert-checker will use a config file located next to the binary named config.yaml.

This is currently the only flag / option available.

$ cert-checker -h
Certificate monitoring utility for watching tls certificates and reporting the result as metrics.

Usage:
  version-checker [flags]

Flags:
  -c, --config string   config file (default is config.yaml) (default "config.yaml")
  -h, --help            help for version-checker

Development

Test the full setup in Kubernetes with Prometheus and Grafana dashboards:

# First create a new kind cluster locally, and install prometheus
make dev.kind.create
# Build a docker image, load it into kind and deploy cert-checker and promeheus/grafana stuff
make image dev.kind.install

Access the local infrastructure here:

System	URL
Prometheus	http://prometheus.localtest.me/graph?g0.expr=cert_checker_is_valid&g0.tab=1&g0.stacked=0&g0.range_input=1h
Grafana	http://grafana.localtest.me/d/cert-checker/certificate-checker

You might also like...

TLS/SSL Tunnel - A modern STunnel replacement written in golang

go-tunnel - Robust Quic/TLS Tunnel (Stunnel replacement) What is it? A supercharged Stunnel replacement written in golang. is in a sense a proxy enabl

216 Jan 1, 2023

minimal implementation of secured encrypted tcp/ip connection without tls / ssl.

go-secure-transport Demo implementation of secured encrypted TCP connection without TLS / SSL. See ./example for server & client using the transport t

0 Dec 15, 2021

Crypto-project - Personal project for learning TLS

crypto-project My personal attempt to implement this cipher suite using the Go l

0 Feb 14, 2022

Tool for monitoring your Ethereum clients. Client-agnostic as it queries the standardized JSON-RPC APIs

e7mon Tool for monitoring your Ethereum clients. Client-agnostic as it queries the standardized JSON-RPC APIs. However, the execution client should be

31 Dec 20, 2022

A super easy file encryption utility written in go and under 800kb

filecrypt A super easy to use file encryption utility written in golang ⚠ Help Wanted on porting filecrypt to other programing languages NOTE: if you

82 Nov 10, 2022

An ATNA (Audit Trail and Node Authentication) Cloud Backup Utility

ATNA Vault ATNA Vault allows you to maintain a secure long-term archive for all your IHE audit messages. IHE vendors who can provide "filter forward"

1 Mar 13, 2022

Disk Usage/Free Utility - a better 'df' alternative

duf Disk Usage/Free Utility (Linux, BSD, macOS & Windows) Features User-friendly, colorful output Adjusts to your terminal's width Sort the results ac

10.3k Jan 9, 2023

Small utility to sign a small json containing basic kyc information. The key generated by it is fully compatible with cosmos based chains.

Testnet signer utility This utility generates a signed JSON-formatted ID to prove ownership of a key used to submit tx on the blockchain. This testnet

62 Sep 10, 2022

sops is an editor of encrypted files that supports YAML, JSON, ENV, INI and BINARY formats and encrypts with AWS KMS, GCP KMS, Azure Key Vault, age, and PGP

sops is an editor of encrypted files that supports YAML, JSON, ENV, INI and BINARY formats and encrypts with AWS KMS, GCP KMS, Azure Key Vault, age, and PGP. (demo)

11.7k Jan 9, 2023

Comments

Add helm chart - solves #1

Hi,

Solves issue #1

I've added a helm chart definition and updated the readme accordingly. Compared to a standard template that you get with helm create I've removed ingress.

I had some trouble getting the ServiceMonitor to work if I install the monitor in the same namespace as the helm release - maybe you can figure it out?

An example of the rendered manifest is shown here:

$ helm template cert-checker deploy/charts/cert-checker --namespace cert-checker
---
# Source: cert-checker/templates/serviceaccount.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
  name: cert-checker
  labels:
    helm.sh/chart: cert-checker-0.0.1
    app.kubernetes.io/name: cert-checker
    app.kubernetes.io/instance: cert-checker
    app.kubernetes.io/version: "0.0.1"
    app.kubernetes.io/managed-by: Helm
---
# Source: cert-checker/templates/configmap.yaml
apiVersion: v1
kind: ConfigMap
metadata:
  name: cert-checker
  labels:
    helm.sh/chart: cert-checker-0.0.1
    app.kubernetes.io/name: cert-checker
    app.kubernetes.io/instance: cert-checker
    app.kubernetes.io/version: "0.0.1"
    app.kubernetes.io/managed-by: Helm
data:
  config.yaml: |
      certificates:
      - dns: google.com
      - dns: example.com
      - dns: expired.badssl.com
      - dns: wrong.host.badssl.com
      - dns: untrusted-root.badssl.com
      - dns: self-signed.badssl.com
      - dns: revoked.badssl.com
      - dns: dh480.badssl.com
      - dns: dh512.badssl.com
      - dns: null.badssl.com
      - dns: rc4-md5.badssl.com
      - dns: rc4.badssl.com
      intervalminutes: 1
      loglevel: info
---
# Source: cert-checker/templates/grafana-dashboard-cm.yaml
apiVersion: v1
kind: ConfigMap
metadata:
  name: cert-checker-grafana-dashboard
  labels:
    grafana_dashboard:  "1"
    helm.sh/chart: cert-checker-0.0.1
    app.kubernetes.io/name: cert-checker
    app.kubernetes.io/instance: cert-checker
    app.kubernetes.io/version: "0.0.1"
    app.kubernetes.io/managed-by: Helm
data:
  cert-checker.json: |-
    {
      "annotations": {
        "list": [
          {
            "builtIn": 1,
            "datasource": "Prometheus",
            "enable": true,
            "hide": true,
            "iconColor": "rgba(0, 211, 255, 1)",
            "limit": 100,
            "name": "Annotations & Alerts",
            "showIn": 0,
            "type": "dashboard"
          }
        ]
      },
      "description": "Dashboard for viewing the status of production certificates. To be used with the cert-checker project.https://github.com/mogensen/cert-checker",
      "editable": true,
      "gnetId": 12833,
      "graphTooltip": 0,
      "links": [],
      "panels": [
        {
          "datasource": null,
          "fieldConfig": {
            "defaults": {
              "custom": {},
              "mappings": [],
              "min": 0,
              "thresholds": {
                "mode": "absolute",
                "steps": [
                  {
                    "color": "green",
                    "value": null
                  },
                  {
                    "color": "red",
                    "value": 1
                  }
                ]
              }
            },
            "overrides": []
          },
          "gridPos": {
            "h": 5,
            "w": 8,
            "x": 0,
            "y": 0
          },
          "id": 4,
          "options": {
            "colorMode": "background",
            "graphMode": "area",
            "justifyMode": "auto",
            "orientation": "auto",
            "reduceOptions": {
              "calcs": [
                "lastNotNull"
              ],
              "fields": "",
              "values": false
            },
            "textMode": "auto"
          },
          "pluginVersion": "7.3.5",
          "targets": [
            {
              "expr": "count(cert_checker_is_valid == 0)",
              "interval": "",
              "legendFormat": "",
              "refId": "A"
            }
          ],
          "timeFrom": null,
          "timeShift": null,
          "title": "Broken Certificates",
          "type": "stat"
        },
        {
          "datasource": null,
          "description": "Certificates with a lifetime < 30 days",
          "fieldConfig": {
            "defaults": {
              "custom": {},
              "mappings": [],
              "min": 0,
              "noValue": "0",
              "thresholds": {
                "mode": "absolute",
                "steps": [
                  {
                    "color": "green",
                    "value": null
                  }
                ]
              }
            },
            "overrides": []
          },
          "gridPos": {
            "h": 5,
            "w": 8,
            "x": 8,
            "y": 0
          },
          "id": 9,
          "options": {
            "colorMode": "background",
            "graphMode": "area",
            "justifyMode": "auto",
            "orientation": "auto",
            "reduceOptions": {
              "calcs": [
                "last"
              ],
              "fields": "",
              "values": false
            },
            "textMode": "auto"
          },
          "pluginVersion": "7.3.5",
          "targets": [
            {
              "expr": "count( ((cert_checker_expire_time{} - time()) / 86400 >= 0) < 30)",
              "interval": "",
              "legendFormat": "",
              "refId": "A"
            }
          ],
          "timeFrom": null,
          "timeShift": null,
          "title": "Certificates about to expire",
          "type": "stat"
        },
        {
          "datasource": null,
          "fieldConfig": {
            "defaults": {
              "custom": {},
              "mappings": [],
              "min": 0,
              "thresholds": {
                "mode": "absolute",
                "steps": [
                  {
                    "color": "green",
                    "value": null
                  }
                ]
              }
            },
            "overrides": []
          },
          "gridPos": {
            "h": 5,
            "w": 8,
            "x": 16,
            "y": 0
          },
          "id": 5,
          "options": {
            "colorMode": "background",
            "graphMode": "area",
            "justifyMode": "auto",
            "orientation": "auto",
            "reduceOptions": {
              "calcs": [
                "lastNotNull"
              ],
              "fields": "",
              "values": false
            },
            "textMode": "auto"
          },
          "pluginVersion": "7.3.5",
          "targets": [
            {
              "expr": "count(cert_checker_is_valid > 0)",
              "interval": "",
              "legendFormat": "",
              "refId": "A"
            }
          ],
          "timeFrom": null,
          "timeShift": null,
          "title": "Good Certificates",
          "type": "stat"
        },
        {
          "datasource": "Prometheus",
          "description": "",
          "fieldConfig": {
            "defaults": {
              "color": {
                "fixedColor": "red",
                "mode": "fixed"
              },
              "custom": {
                "align": null,
                "displayMode": "color-text",
                "filterable": false
              },
              "mappings": [],
              "thresholds": {
                "mode": "absolute",
                "steps": [
                  {
                    "color": "green",
                    "value": null
                  },
                  {
                    "color": "red",
                    "value": 80
                  }
                ]
              }
            },
            "overrides": [
              {
                "matcher": {
                  "id": "byName",
                  "options": "Is Latest"
                },
                "properties": [
                  {
                    "id": "mappings",
                    "value": [
                      {
                        "from": "",
                        "id": 0,
                        "text": "No",
                        "to": "",
                        "type": 1,
                        "value": "0"
                      },
                      {
                        "from": "1",
                        "id": 1,
                        "text": "Yes",
                        "to": "999999999",
                        "type": 2,
                        "value": "1"
                      }
                    ]
                  },
                  {
                    "id": "custom.align",
                    "value": "left"
                  }
                ]
              },
              {
                "matcher": {
                  "id": "byName",
                  "options": "not_after"
                },
                "properties": [
                  {
                    "id": "custom.width",
                    "value": 225
                  }
                ]
              },
              {
                "matcher": {
                  "id": "byName",
                  "options": "not_before"
                },
                "properties": [
                  {
                    "id": "custom.width",
                    "value": 234
                  }
                ]
              },
              {
                "matcher": {
                  "id": "byName",
                  "options": "issuer"
                },
                "properties": [
                  {
                    "id": "custom.width",
                    "value": 395
                  }
                ]
              },
              {
                "matcher": {
                  "id": "byName",
                  "options": "cert_error"
                },
                "properties": [
                  {
                    "id": "custom.width",
                    "value": 640
                  }
                ]
              }
            ]
          },
          "gridPos": {
            "h": 9,
            "w": 24,
            "x": 0,
            "y": 5
          },
          "id": 2,
          "options": {
            "showHeader": true,
            "sortBy": [
              {
                "desc": true,
                "displayName": "not_after"
              }
            ]
          },
          "pluginVersion": "7.3.5",
          "targets": [
            {
              "expr": "sum by(dns, issuer, not_before, not_after, cert_error) (cert_checker_is_valid) == 0",
              "format": "time_series",
              "instant": true,
              "interval": "",
              "legendFormat": "",
              "refId": "A"
            }
          ],
          "timeFrom": null,
          "timeShift": null,
          "title": "Certificates with errors",
          "transformations": [
            {
              "id": "labelsToFields",
              "options": {}
            },
            {
              "id": "organize",
              "options": {
                "excludeByName": {
                  "Time": true,
                  "Value": true,
                  "container": false
                },
                "indexByName": {
                  "Time": 0,
                  "Value": 6,
                  "cert_error": 5,
                  "dns": 1,
                  "issuer": 2,
                  "not_after": 4,
                  "not_before": 3
                },
                "renameByName": {
                  "Value": "Is Valid",
                  "cert_error": "",
                  "current_version": "Current Version",
                  "dns": "",
                  "image": "Image",
                  "latest_version": "Latest Version",
                  "not_after": ""
                }
              }
            }
          ],
          "type": "table"
        },
        {
          "datasource": "Prometheus",
          "description": "",
          "fieldConfig": {
            "defaults": {
              "color": {
                "mode": "thresholds"
              },
              "custom": {
                "align": null,
                "displayMode": "color-text",
                "filterable": true
              },
              "decimals": 1,
              "mappings": [],
              "thresholds": {
                "mode": "absolute",
                "steps": [
                  {
                    "color": "rgb(249, 249, 249)",
                    "value": null
                  },
                  {
                    "color": "red",
                    "value": 0
                  },
                  {
                    "color": "yellow",
                    "value": 15
                  },
                  {
                    "color": "green",
                    "value": 30
                  }
                ]
              },
              "unit": "d"
            },
            "overrides": [
              {
                "matcher": {
                  "id": "byName",
                  "options": "Is Latest"
                },
                "properties": [
                  {
                    "id": "mappings",
                    "value": [
                      {
                        "from": "",
                        "id": 0,
                        "text": "No",
                        "to": "",
                        "type": 1,
                        "value": "0"
                      },
                      {
                        "from": "1",
                        "id": 1,
                        "text": "Yes",
                        "to": "999999999",
                        "type": 2,
                        "value": "1"
                      }
                    ]
                  },
                  {
                    "id": "custom.align",
                    "value": "left"
                  }
                ]
              }
            ]
          },
          "gridPos": {
            "h": 9,
            "w": 24,
            "x": 0,
            "y": 14
          },
          "id": 8,
          "options": {
            "showHeader": true,
            "sortBy": [
              {
                "desc": false,
                "displayName": "Value"
              }
            ]
          },
          "pluginVersion": "7.3.5",
          "targets": [
            {
              "expr": "(cert_checker_expire_time{} - time()) / 60/60/24",
              "format": "table",
              "instant": true,
              "interval": "",
              "legendFormat": "",
              "refId": "A"
            }
          ],
          "timeFrom": null,
          "timeShift": null,
          "title": "Certification Expirations",
          "transformations": [
            {
              "id": "labelsToFields",
              "options": {}
            },
            {
              "id": "organize",
              "options": {
                "excludeByName": {
                  "Time": true,
                  "Value": false,
                  "__name__": true,
                  "container": true,
                  "endpoint": true,
                  "instance": true,
                  "job": true,
                  "namespace": true,
                  "pod": true,
                  "service": true
                },
                "indexByName": {
                  "Time": 0,
                  "Value": 6,
                  "cert_error": 5,
                  "dns": 1,
                  "issuer": 2,
                  "not_after": 4,
                  "not_before": 3
                },
                "renameByName": {
                  "Value": "",
                  "cert_error": "",
                  "current_version": "Current Version",
                  "dns": "",
                  "image": "Image",
                  "latest_version": "Latest Version",
                  "not_after": ""
                }
              }
            }
          ],
          "type": "table"
        }
      ],
      "refresh": "5m",
      "schemaVersion": 26,
      "style": "dark",
      "tags": [],
      "templating": {
        "list": []
      },
      "time": {
        "from": "now-30m",
        "to": "now"
      },
      "timepicker": {
        "refresh_intervals": [
          "10s",
          "30s",
          "1m",
          "5m",
          "15m",
          "30m",
          "1h",
          "2h",
          "1d"
        ]
      },
      "timezone": "",
      "title": "Certificate Checker",
      "uid": "cert-checker",
      "version": 1
    }
---
# Source: cert-checker/templates/service.yaml
apiVersion: v1
kind: Service
metadata:
  name: cert-checker
  labels:
    helm.sh/chart: cert-checker-0.0.1
    app.kubernetes.io/name: cert-checker
    app.kubernetes.io/instance: cert-checker
    app.kubernetes.io/version: "0.0.1"
    app.kubernetes.io/managed-by: Helm
spec:
  type: ClusterIP
  ports:
    - port: 8080
      targetPort: http
      protocol: TCP
      name: http
  selector:
    app.kubernetes.io/name: cert-checker
    app.kubernetes.io/instance: cert-checker
---
# Source: cert-checker/templates/deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: cert-checker
  labels:
    helm.sh/chart: cert-checker-0.0.1
    app.kubernetes.io/name: cert-checker
    app.kubernetes.io/instance: cert-checker
    app.kubernetes.io/version: "0.0.1"
    app.kubernetes.io/managed-by: Helm
spec:
  replicas: 1
  selector:
    matchLabels:
      app.kubernetes.io/name: cert-checker
      app.kubernetes.io/instance: cert-checker
  template:
    metadata:
      annotations:
        checksum/config: acdfcef4913d7e7cbb5b4adb47ba00a7e7d44b27e4d5b673f73ad29a539722a5
        enable.cert-checker.io/cert-checker: "true"
        prometheus.io/path: /metrics
        prometheus.io/port: "8080"
        prometheus.io/scrape: "true"
      labels:
        app.kubernetes.io/name: cert-checker
        app.kubernetes.io/instance: cert-checker
    spec:
      serviceAccountName: cert-checker
      securityContext:
        fsGroup: 2000
      volumes:
        - name: config-volume
          configMap:
            name: cert-checker
      containers:
        - name: cert-checker
          securityContext:
            allowPrivilegeEscalation: false
            capabilities:
              drop:
              - ALL
            readOnlyRootFilesystem: true
            runAsNonRoot: true
            runAsUser: 1000
          image: "mogensen/cert-checker:v0.0.1"
          command: ["/app/cert-checker", "-c", "/data/config.yaml"]
          imagePullPolicy: IfNotPresent
          volumeMounts:
          - name: config-volume
            mountPath: /data/
          ports:
            - name: http
              containerPort: 8080
              protocol: TCP
          resources:
            {}
---
# Source: cert-checker/templates/servicemonitor.yaml
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
  name: cert-checker
  labels:
    helm.sh/chart: cert-checker-0.0.1
    app.kubernetes.io/name: cert-checker
    app.kubernetes.io/instance: cert-checker
    app.kubernetes.io/version: "0.0.1"
    app.kubernetes.io/managed-by: Helm
spec:
  selector:
    matchLabels:
      app.kubernetes.io/name: cert-checker
  endpoints:
  - port: http
---
# Source: cert-checker/templates/tests/test-connection.yaml
apiVersion: v1
kind: Pod
metadata:
  name: "cert-checker-test-connection"
  labels:
    helm.sh/chart: cert-checker-0.0.1
    app.kubernetes.io/name: cert-checker
    app.kubernetes.io/instance: cert-checker
    app.kubernetes.io/version: "0.0.1"
    app.kubernetes.io/managed-by: Helm
  annotations:
    "helm.sh/hook": test
spec:
  containers:
    - name: wget
      image: busybox
      command: ['wget']
      args: ['cert-checker:8080/metrics']
  restartPolicy: Never

opened by lhotrifork 1

Unable to get Grafana to connect to the datasource

Good Morning. I am trying to setup this tool and running into some weird issues.

I have Grafana installed local on my CentOS 7 server (Not in docker). I have installed your tool and I can confirm using the sample config.yaml you provided that when I go to http://:8080/metrics I can see the data.

In Grafana I am trying to add the datasource but nothing I type into the config is working. I have tried the URLS

http://localhost:8080/metrics http://:8080/metrics http://<server_ip>:8080/metrics

When I look into the debug console I am seeing errors like this

GET http://localhost:8080/metrics/api/v1/query?query=1%2B1&time=1611849514.366 net::ERR_CONNECTION_REFUSED

Am I missing something?

opened by BearDooks 1

Error was encountered while checking revocations

Hi,

After installing cert-checker I have found some errors in the verification of some of my certificates. Some of the errors are as follows:

2021/09/07 06:25:56 [WARNING] error checking revocation via OCSP
time="2021-09-07T06:25:56Z" level=debug msg=" - Found error for host00.domain.tld:9120 : an error was encountered while checking revocations"
time="2021-09-07T06:25:56Z" level=debug msg="Probing: host04.domain.tld:443"
time="2021-09-07T06:25:56Z" level=debug msg="Probing: host04.domain.tld:9020"
2021/09/07 06:25:57 [WARNING] error checking revocation via OCSP
time="2021-09-07T06:25:57Z" level=debug msg=" - Found error for host04.domain.tld:9020 : an error was encountered while checking revocations"
time="2021-09-07T06:25:57Z" level=debug msg="Probing: host04.domain.tld:9120"
2021/09/07 06:25:57 [WARNING] error checking revocation via OCSP
time="2021-09-07T06:25:57Z" level=debug msg=" - Found error for host04.domain.tld:9120 : an error was encountered while checking revocations"
time="2021-09-07T06:25:57Z" level=debug msg="Probing: host05.domain.tld:443"
time="2021-09-07T06:25:57Z" level=debug msg="Probing: host05.domain.tld:9020"
2021/09/07 06:25:57 [WARNING] error checking revocation via OCSP
time="2021-09-07T06:25:57Z" level=debug msg=" - Found error for host05.domain.tld:9020 : an error was encountered while checking revocations"
time="2021-09-07T06:25:57Z" level=debug msg="Probing: host05.domain.tld:9120"
2021/09/07 06:25:58 [WARNING] error checking revocation via OCSP
time="2021-09-07T06:25:58Z" level=debug msg=" - Found error for host05.domain.tld:9120 : an error was encountered while checking revocations"
time="2021-09-07T06:25:58Z" level=debug msg="Probing: host10.domain.tld:443"
time="2021-09-07T06:25:58Z" level=debug msg="Probing: host11.domain.tld:443"
time="2021-09-07T06:25:58Z" level=debug msg="Probing: host12.domain.tld:443"

trying to debug the application, the function that does the OCSP check returns the following: "bad OCSP signature: crypto / rsa: verification error"

Thanks in advance.

opened by angelsantillana94 3

Allow users to individualise date formats

Hello,

I would be happy if there is more to "individuallize". Am unfortunately not powerful this programming language that I could rework myself.

If I have time, I would like to change the date to dd.MM.YYYY. Where would I find that the?

Thanks a lot
enhancement help wanted good first issue

opened by Maximilian1021 2

Releases(v0.0.6)

v0.0.6(Jun 21, 2021)

Changelog

ce7e2c9 Adding readinessProbe and livenessProbe to Kubernetes deployment artifacts f7fb8fa Fix spelling mistake. 7a39304 Update Documentation c5c8f4e Update docker example in Readme 4a50f08 Update helm chart changelog d33ec23 Version v0.0.6
Source code(tar.gz)
Source code(zip)
cert-checker_checksums.txt(882 bytes)
cert-checker_Darwin_arm64.tar.gz(3.60 MB)
cert-checker_Darwin_x86_64.tar.gz(3.69 MB)
cert-checker_Linux_arm64.tar.gz(3.22 MB)
cert-checker_Linux_armv6.tar.gz(3.31 MB)
cert-checker_Linux_i386.tar.gz(3.37 MB)
cert-checker_Linux_x86_64.tar.gz(3.54 MB)
cert-checker_Windows_armv6.zip(3.40 MB)
cert-checker_Windows_i386.zip(3.50 MB)
cert-checker_Windows_x86_64.zip(3.59 MB)
cert-checker-helm-chart-0.0.6(Jun 21, 2021)

A tool to expose SSL Certificate information as prometheus metrics.
Source code(tar.gz)
Source code(zip)
cert-checker-0.0.6.tgz(8.15 KB)
v0.0.5(Jun 15, 2021)

Changelog

ef0da3c Better UI for smaller devices, add links to DNS names a9fa8b7 Update image e069dce Update servicemonitor.yaml 5e648de Updating ingress dns and metrics port on depoyment 1175a5a Version v0.0.5
Source code(tar.gz)
Source code(zip)
cert-checker_checksums.txt(882 bytes)
cert-checker_Darwin_arm64.tar.gz(3.60 MB)
cert-checker_Darwin_x86_64.tar.gz(3.69 MB)
cert-checker_Linux_arm64.tar.gz(3.22 MB)
cert-checker_Linux_armv6.tar.gz(3.31 MB)
cert-checker_Linux_i386.tar.gz(3.37 MB)
cert-checker_Linux_x86_64.tar.gz(3.54 MB)
cert-checker_Windows_armv6.zip(3.40 MB)
cert-checker_Windows_i386.zip(3.50 MB)
cert-checker_Windows_x86_64.zip(3.59 MB)
cert-checker-helm-chart-0.0.5(Jun 15, 2021)

A tool to expose SSL Certificate information as prometheus metrics.
Source code(tar.gz)
Source code(zip)
cert-checker-0.0.5.tgz(7.64 KB)
v0.0.4(May 21, 2021)

Changelog

7b4a599 Fixing release
Source code(tar.gz)
Source code(zip)
cert-checker_checksums.txt(882 bytes)
cert-checker_Darwin_arm64.tar.gz(3.60 MB)
cert-checker_Darwin_x86_64.tar.gz(3.69 MB)
cert-checker_Linux_arm64.tar.gz(3.22 MB)
cert-checker_Linux_armv6.tar.gz(3.31 MB)
cert-checker_Linux_i386.tar.gz(3.37 MB)
cert-checker_Linux_x86_64.tar.gz(3.54 MB)
cert-checker_Windows_armv6.zip(3.40 MB)
cert-checker_Windows_i386.zip(3.50 MB)
cert-checker_Windows_x86_64.zip(3.59 MB)
cert-checker-helm-chart-0.0.4(May 21, 2021)

A tool to expose SSL Certificate information as prometheus metrics.
Source code(tar.gz)
Source code(zip)
cert-checker-0.0.4.tgz(7.64 KB)
v0.0.3(Mar 25, 2021)

Changelog

69dddfa Release version v0.0.3 to also release helm chart
Source code(tar.gz)
Source code(zip)
cert-checker_checksums.txt(785 bytes)
cert-checker_Darwin_arm64.tar.gz(3.49 MB)
cert-checker_Darwin_x86_64.tar.gz(3.58 MB)
cert-checker_Linux_arm64.tar.gz(3.12 MB)
cert-checker_Linux_armv6.tar.gz(3.22 MB)
cert-checker_Linux_i386.tar.gz(3.27 MB)
cert-checker_Linux_x86_64.tar.gz(3.44 MB)
cert-checker_Windows_i386.zip(3.40 MB)
cert-checker_Windows_x86_64.zip(3.49 MB)
cert-checker-helm-chart-0.0.3(Mar 25, 2021)

A tool to expose SSL Certificate information as prometheus metrics.
Source code(tar.gz)
Source code(zip)
cert-checker-0.0.3.tgz(6.25 KB)
v0.0.2(Mar 25, 2021)

Changelog

0106d37 Add .dockerignore and updated docker base build image c837abc Add helm documentation in github actions 2c59e15 Add kustomize as deployment option. b0e5826 Add test showing that when a context is cancled, the controller stops 061645f Adding minimum TLS to metrics and dashboards be55942 Allow for specifying port number in config.yaml 0fea332 Fix servicemonitor in k8s/yaml. Bump to v0.0.2 4b57441 More pipeline hacking. 1cf62c8 Only release helm charts on new tags 36e2b98 Removed fossa badge 16b4fb2 Slightly trim docker image by only including go sources. b3c2a2f Started on generating k8s yaml from helm chart 09e7cd5 Update Documentation cfd25d1 Update Documentation f5284c0 Update Documentation 59f40d8 Update release pipeline
Source code(tar.gz)
Source code(zip)
cert-checker_checksums.txt(785 bytes)
cert-checker_Darwin_arm64.tar.gz(3.49 MB)
cert-checker_Darwin_x86_64.tar.gz(3.58 MB)
cert-checker_Linux_arm64.tar.gz(3.12 MB)
cert-checker_Linux_armv6.tar.gz(3.22 MB)
cert-checker_Linux_i386.tar.gz(3.27 MB)
cert-checker_Linux_x86_64.tar.gz(3.44 MB)
cert-checker_Windows_i386.zip(3.40 MB)
cert-checker_Windows_x86_64.zip(3.49 MB)
cert-checker-helm-chart-0.0.1(Feb 2, 2021)

A tool to expose SSL Certificate information as prometheus metrics.
Source code(tar.gz)
Source code(zip)
cert-checker-0.0.1.tgz(5.28 KB)
cert-checker-0.0.1(Feb 2, 2021)

A tool to expose SSL Certificate information as prometheus metrics.
Source code(tar.gz)
Source code(zip)
cert-checker-0.0.1.tgz(5.28 KB)
v0.0.1(Jan 26, 2021)

Changelog

3cce65f Fixing release pipeline
Source code(tar.gz)
Source code(zip)
cert-checker_checksums.txt(686 bytes)
cert-checker_Darwin_x86_64.tar.gz(3.74 MB)
cert-checker_Linux_arm64.tar.gz(3.24 MB)
cert-checker_Linux_armv6.tar.gz(3.32 MB)
cert-checker_Linux_i386.tar.gz(3.38 MB)
cert-checker_Linux_x86_64.tar.gz(3.57 MB)
cert-checker_Windows_i386.zip(3.47 MB)
cert-checker_Windows_x86_64.zip(3.57 MB)

Certificate monitoring utility for watching tls certificates and reporting the result as metrics.

Related tags

Overview

cert-checker

Supported Certificate Errors

Installation

Run in Docker

In Kubernetes as static manifests

Helm

Metrics

Grafana Dashboard

Options

Development

You might also like...

TLS/SSL Tunnel - A modern STunnel replacement written in golang

minimal implementation of secured encrypted tcp/ip connection without tls / ssl.

Crypto-project - Personal project for learning TLS

Tool for monitoring your Ethereum clients. Client-agnostic as it queries the standardized JSON-RPC APIs

A super easy file encryption utility written in go and under 800kb

An ATNA (Audit Trail and Node Authentication) Cloud Backup Utility

Disk Usage/Free Utility - a better 'df' alternative

Small utility to sign a small json containing basic kyc information. The key generated by it is fully compatible with cosmos based chains.

sops is an editor of encrypted files that supports YAML, JSON, ENV, INI and BINARY formats and encrypts with AWS KMS, GCP KMS, Azure Key Vault, age, and PGP

Comments

Add helm chart - solves #1

Unable to get Grafana to connect to the datasource

Error was encountered while checking revocations

Allow users to individualise date formats

Releases(v0.0.6)

v0.0.6(Jun 21, 2021)

Changelog

cert-checker-helm-chart-0.0.6(Jun 21, 2021)

v0.0.5(Jun 15, 2021)

Changelog

cert-checker-helm-chart-0.0.5(Jun 15, 2021)

v0.0.4(May 21, 2021)

Changelog

cert-checker-helm-chart-0.0.4(May 21, 2021)

v0.0.3(Mar 25, 2021)

Changelog

cert-checker-helm-chart-0.0.3(Mar 25, 2021)

v0.0.2(Mar 25, 2021)

Changelog

cert-checker-helm-chart-0.0.1(Feb 2, 2021)

cert-checker-0.0.1(Feb 2, 2021)

v0.0.1(Jan 26, 2021)

Changelog

Owner

Frederik Mogensen

For whatever reason you want to transfer TLS certificates in kubernetes to Qiniu CDN

A utility for the certificate trust list (CTL).

Tooling to validate HTTPS Certificates and Connections Around Web 🕷️

Generate and sign TSL certificates with ease.

mkcert is a simple tool for making locally-trusted development certificates

gdn is a Go module to get domain name from SSL certificates given an IP address

Golang Library for automatic LetsEncrypt SSL Certificates

PKI support for SSH certificates

Package filippo.io/intermediates embeds a bundle of known unexpired, unrevoked intermediate certificates chaining to roots in the Mozilla Root Program

This library generate a new tlsconfig usable within go standard library configured with a self-signed certificate generated on the fly