Certificate monitoring utility for watching tls certificates and reporting the result as metrics.

Overview

cert-checker

Build Status Go Report Card codecov FOSSA Status

cert-checker is a certificate monitoring utility for watching tls certificates. These checks get exposed as Prometheus metrics to be viewed on a dashboard, or soft alert cluster operators.

This tool is heavily inspired by the awesome version-checker by jetstack.

Supported Certificate Errors

cert-checker supports the following types of certificate errors (and possible more):

  • Expired certificates
  • Wrong host
  • Bad root certificates
  • Revoked certificate
  • Cipher suites not allowed
    • dh480
    • dh512
    • null
    • rc4

Installation

cert-checker can be installed as a standalone static binary from the release page

latest release

Create a config file like the below example:

config.yaml:

loglevel: debug
intervalminutes: 10
certificates:
    - dns: google.com
    - dns: expired.badssl.com

Run in Docker

You can use the published docker image like this:

First create a config file as above.

# Start docker container (mounting the config file may be different on OSX and Windows)
docker run -p 8080:8080 -v ${PWD}/config.yaml:/app/config.yaml mogensen/cert-checker:latest
# Now open browser at http://localhost:8080/metrics

See released docker images on DockerHub

In Kubernetes as static manifests

cert-checker can be installed as static manifests:

$ kubectl apply -k ./deploy/yaml

Remember to edit the configmap with the actual domains you want to monitor..

Helm

cert-checker can be installed as as helm release:

$ kubectl create namespace cert-checker
$ helm install cert-checker deploy/charts/cert-checker --namespace cert-checker

Depending on your setup, you may need to modify the ServiceMonitor to get Prometheus to scrape it in a particular namespace. See this.

You may also need to add additional labels to the ServiceMonitor. If you have installed the prometheus-community/kube-prometheus-stack with the name of prometheus the following should work:

$ helm upgrade cert-checker deploy/charts/cert-checker \
    --namespace cert-checker            \
    --set=grafanaDashboard.enabled=true \
    --set=serviceMonitor.enabled=true   \
    --set=serviceMonitor.additionalLabels.release=prometheus

Metrics

By default, cert-checker will expose the version information as Prometheus metrics on 0.0.0.0:8080/metrics.

Grafana Dashboard

A Grafana dashboard is also included in this repository. It is located in the deployment folder: deploy/yaml/grafana-dashboard-cm.yaml

Grafana Dashboard

The dashboard shows the following

  • Number of Broken Certificates
  • Number of Certificates about to expire
  • Number of Good Certificates
  • A list with Certificates with errors
  • A list of Certificates Expirations for valid certificates

Options

By default, without the flag -c, --config, cert-checker will use a config file located next to the binary named config.yaml.

This is currently the only flag / option available.

$ cert-checker -h
Certificate monitoring utility for watching tls certificates and reporting the result as metrics.

Usage:
  version-checker [flags]

Flags:
  -c, --config string   config file (default is config.yaml) (default "config.yaml")
  -h, --help            help for version-checker

Development

Test the full setup in Kubernetes with Prometheus and Grafana dashboards:

# First create a new kind cluster locally, and install prometheus
make dev.kind.create
# Build a docker image, load it into kind and deploy cert-checker and promeheus/grafana stuff
make image dev.kind.install

Access the local infrastructure here:

 System  URL
 Prometheus  http://prometheus.localtest.me/graph?g0.expr=cert_checker_is_valid&g0.tab=1&g0.stacked=0&g0.range_input=1h
 Grafana http://grafana.localtest.me/d/cert-checker/certificate-checker
You might also like...
TLS/SSL Tunnel - A modern STunnel replacement written in golang
TLS/SSL Tunnel - A modern STunnel replacement written in golang

go-tunnel - Robust Quic/TLS Tunnel (Stunnel replacement) What is it? A supercharged Stunnel replacement written in golang. is in a sense a proxy enabl

minimal implementation of secured encrypted tcp/ip connection without tls / ssl.

go-secure-transport Demo implementation of secured encrypted TCP connection without TLS / SSL. See ./example for server & client using the transport t

Crypto-project - Personal project for learning TLS

crypto-project My personal attempt to implement this cipher suite using the Go l

Tool for monitoring your Ethereum clients. Client-agnostic as it queries the standardized JSON-RPC APIs
Tool for monitoring your Ethereum clients. Client-agnostic as it queries the standardized JSON-RPC APIs

e7mon Tool for monitoring your Ethereum clients. Client-agnostic as it queries the standardized JSON-RPC APIs. However, the execution client should be

A super easy file encryption utility written in go and under 800kb
A super easy file encryption utility written in go and under 800kb

filecrypt A super easy to use file encryption utility written in golang ⚠ Help Wanted on porting filecrypt to other programing languages NOTE: if you

An ATNA (Audit Trail and Node Authentication) Cloud Backup Utility
An ATNA (Audit Trail and Node Authentication) Cloud Backup Utility

ATNA Vault ATNA Vault allows you to maintain a secure long-term archive for all your IHE audit messages. IHE vendors who can provide "filter forward"

Disk Usage/Free Utility - a better 'df' alternative
Disk Usage/Free Utility - a better 'df' alternative

duf Disk Usage/Free Utility (Linux, BSD, macOS & Windows) Features User-friendly, colorful output Adjusts to your terminal's width Sort the results ac

Small utility to sign a small json containing basic kyc information. The key generated by it is fully compatible with cosmos based chains.

Testnet signer utility This utility generates a signed JSON-formatted ID to prove ownership of a key used to submit tx on the blockchain. This testnet

sops is an editor of encrypted files that supports YAML, JSON, ENV, INI and BINARY formats and encrypts with AWS KMS, GCP KMS, Azure Key Vault, age, and PGP
sops is an editor of encrypted files that supports YAML, JSON, ENV, INI and BINARY formats and encrypts with AWS KMS, GCP KMS, Azure Key Vault, age, and PGP

sops is an editor of encrypted files that supports YAML, JSON, ENV, INI and BINARY formats and encrypts with AWS KMS, GCP KMS, Azure Key Vault, age, and PGP. (demo)

Comments
  • Add helm chart - solves #1

    Add helm chart - solves #1

    Hi,

    Solves issue #1

    I've added a helm chart definition and updated the readme accordingly. Compared to a standard template that you get with helm create I've removed ingress.

    I had some trouble getting the ServiceMonitor to work if I install the monitor in the same namespace as the helm release - maybe you can figure it out?

    An example of the rendered manifest is shown here:

    $ helm template cert-checker deploy/charts/cert-checker --namespace cert-checker
    ---
    # Source: cert-checker/templates/serviceaccount.yaml
    apiVersion: v1
    kind: ServiceAccount
    metadata:
      name: cert-checker
      labels:
        helm.sh/chart: cert-checker-0.0.1
        app.kubernetes.io/name: cert-checker
        app.kubernetes.io/instance: cert-checker
        app.kubernetes.io/version: "0.0.1"
        app.kubernetes.io/managed-by: Helm
    ---
    # Source: cert-checker/templates/configmap.yaml
    apiVersion: v1
    kind: ConfigMap
    metadata:
      name: cert-checker
      labels:
        helm.sh/chart: cert-checker-0.0.1
        app.kubernetes.io/name: cert-checker
        app.kubernetes.io/instance: cert-checker
        app.kubernetes.io/version: "0.0.1"
        app.kubernetes.io/managed-by: Helm
    data:
      config.yaml: |
          certificates:
          - dns: google.com
          - dns: example.com
          - dns: expired.badssl.com
          - dns: wrong.host.badssl.com
          - dns: untrusted-root.badssl.com
          - dns: self-signed.badssl.com
          - dns: revoked.badssl.com
          - dns: dh480.badssl.com
          - dns: dh512.badssl.com
          - dns: null.badssl.com
          - dns: rc4-md5.badssl.com
          - dns: rc4.badssl.com
          intervalminutes: 1
          loglevel: info
    ---
    # Source: cert-checker/templates/grafana-dashboard-cm.yaml
    apiVersion: v1
    kind: ConfigMap
    metadata:
      name: cert-checker-grafana-dashboard
      labels:
        grafana_dashboard:  "1"
        helm.sh/chart: cert-checker-0.0.1
        app.kubernetes.io/name: cert-checker
        app.kubernetes.io/instance: cert-checker
        app.kubernetes.io/version: "0.0.1"
        app.kubernetes.io/managed-by: Helm
    data:
      cert-checker.json: |-
        {
          "annotations": {
            "list": [
              {
                "builtIn": 1,
                "datasource": "Prometheus",
                "enable": true,
                "hide": true,
                "iconColor": "rgba(0, 211, 255, 1)",
                "limit": 100,
                "name": "Annotations & Alerts",
                "showIn": 0,
                "type": "dashboard"
              }
            ]
          },
          "description": "Dashboard for viewing the status of production certificates. To be used with the cert-checker project.https://github.com/mogensen/cert-checker",
          "editable": true,
          "gnetId": 12833,
          "graphTooltip": 0,
          "links": [],
          "panels": [
            {
              "datasource": null,
              "fieldConfig": {
                "defaults": {
                  "custom": {},
                  "mappings": [],
                  "min": 0,
                  "thresholds": {
                    "mode": "absolute",
                    "steps": [
                      {
                        "color": "green",
                        "value": null
                      },
                      {
                        "color": "red",
                        "value": 1
                      }
                    ]
                  }
                },
                "overrides": []
              },
              "gridPos": {
                "h": 5,
                "w": 8,
                "x": 0,
                "y": 0
              },
              "id": 4,
              "options": {
                "colorMode": "background",
                "graphMode": "area",
                "justifyMode": "auto",
                "orientation": "auto",
                "reduceOptions": {
                  "calcs": [
                    "lastNotNull"
                  ],
                  "fields": "",
                  "values": false
                },
                "textMode": "auto"
              },
              "pluginVersion": "7.3.5",
              "targets": [
                {
                  "expr": "count(cert_checker_is_valid == 0)",
                  "interval": "",
                  "legendFormat": "",
                  "refId": "A"
                }
              ],
              "timeFrom": null,
              "timeShift": null,
              "title": "Broken Certificates",
              "type": "stat"
            },
            {
              "datasource": null,
              "description": "Certificates with a lifetime < 30 days",
              "fieldConfig": {
                "defaults": {
                  "custom": {},
                  "mappings": [],
                  "min": 0,
                  "noValue": "0",
                  "thresholds": {
                    "mode": "absolute",
                    "steps": [
                      {
                        "color": "green",
                        "value": null
                      }
                    ]
                  }
                },
                "overrides": []
              },
              "gridPos": {
                "h": 5,
                "w": 8,
                "x": 8,
                "y": 0
              },
              "id": 9,
              "options": {
                "colorMode": "background",
                "graphMode": "area",
                "justifyMode": "auto",
                "orientation": "auto",
                "reduceOptions": {
                  "calcs": [
                    "last"
                  ],
                  "fields": "",
                  "values": false
                },
                "textMode": "auto"
              },
              "pluginVersion": "7.3.5",
              "targets": [
                {
                  "expr": "count( ((cert_checker_expire_time{} - time()) / 86400 >= 0) < 30)",
                  "interval": "",
                  "legendFormat": "",
                  "refId": "A"
                }
              ],
              "timeFrom": null,
              "timeShift": null,
              "title": "Certificates about to expire",
              "type": "stat"
            },
            {
              "datasource": null,
              "fieldConfig": {
                "defaults": {
                  "custom": {},
                  "mappings": [],
                  "min": 0,
                  "thresholds": {
                    "mode": "absolute",
                    "steps": [
                      {
                        "color": "green",
                        "value": null
                      }
                    ]
                  }
                },
                "overrides": []
              },
              "gridPos": {
                "h": 5,
                "w": 8,
                "x": 16,
                "y": 0
              },
              "id": 5,
              "options": {
                "colorMode": "background",
                "graphMode": "area",
                "justifyMode": "auto",
                "orientation": "auto",
                "reduceOptions": {
                  "calcs": [
                    "lastNotNull"
                  ],
                  "fields": "",
                  "values": false
                },
                "textMode": "auto"
              },
              "pluginVersion": "7.3.5",
              "targets": [
                {
                  "expr": "count(cert_checker_is_valid > 0)",
                  "interval": "",
                  "legendFormat": "",
                  "refId": "A"
                }
              ],
              "timeFrom": null,
              "timeShift": null,
              "title": "Good Certificates",
              "type": "stat"
            },
            {
              "datasource": "Prometheus",
              "description": "",
              "fieldConfig": {
                "defaults": {
                  "color": {
                    "fixedColor": "red",
                    "mode": "fixed"
                  },
                  "custom": {
                    "align": null,
                    "displayMode": "color-text",
                    "filterable": false
                  },
                  "mappings": [],
                  "thresholds": {
                    "mode": "absolute",
                    "steps": [
                      {
                        "color": "green",
                        "value": null
                      },
                      {
                        "color": "red",
                        "value": 80
                      }
                    ]
                  }
                },
                "overrides": [
                  {
                    "matcher": {
                      "id": "byName",
                      "options": "Is Latest"
                    },
                    "properties": [
                      {
                        "id": "mappings",
                        "value": [
                          {
                            "from": "",
                            "id": 0,
                            "text": "No",
                            "to": "",
                            "type": 1,
                            "value": "0"
                          },
                          {
                            "from": "1",
                            "id": 1,
                            "text": "Yes",
                            "to": "999999999",
                            "type": 2,
                            "value": "1"
                          }
                        ]
                      },
                      {
                        "id": "custom.align",
                        "value": "left"
                      }
                    ]
                  },
                  {
                    "matcher": {
                      "id": "byName",
                      "options": "not_after"
                    },
                    "properties": [
                      {
                        "id": "custom.width",
                        "value": 225
                      }
                    ]
                  },
                  {
                    "matcher": {
                      "id": "byName",
                      "options": "not_before"
                    },
                    "properties": [
                      {
                        "id": "custom.width",
                        "value": 234
                      }
                    ]
                  },
                  {
                    "matcher": {
                      "id": "byName",
                      "options": "issuer"
                    },
                    "properties": [
                      {
                        "id": "custom.width",
                        "value": 395
                      }
                    ]
                  },
                  {
                    "matcher": {
                      "id": "byName",
                      "options": "cert_error"
                    },
                    "properties": [
                      {
                        "id": "custom.width",
                        "value": 640
                      }
                    ]
                  }
                ]
              },
              "gridPos": {
                "h": 9,
                "w": 24,
                "x": 0,
                "y": 5
              },
              "id": 2,
              "options": {
                "showHeader": true,
                "sortBy": [
                  {
                    "desc": true,
                    "displayName": "not_after"
                  }
                ]
              },
              "pluginVersion": "7.3.5",
              "targets": [
                {
                  "expr": "sum by(dns, issuer, not_before, not_after, cert_error) (cert_checker_is_valid) == 0",
                  "format": "time_series",
                  "instant": true,
                  "interval": "",
                  "legendFormat": "",
                  "refId": "A"
                }
              ],
              "timeFrom": null,
              "timeShift": null,
              "title": "Certificates with errors",
              "transformations": [
                {
                  "id": "labelsToFields",
                  "options": {}
                },
                {
                  "id": "organize",
                  "options": {
                    "excludeByName": {
                      "Time": true,
                      "Value": true,
                      "container": false
                    },
                    "indexByName": {
                      "Time": 0,
                      "Value": 6,
                      "cert_error": 5,
                      "dns": 1,
                      "issuer": 2,
                      "not_after": 4,
                      "not_before": 3
                    },
                    "renameByName": {
                      "Value": "Is Valid",
                      "cert_error": "",
                      "current_version": "Current Version",
                      "dns": "",
                      "image": "Image",
                      "latest_version": "Latest Version",
                      "not_after": ""
                    }
                  }
                }
              ],
              "type": "table"
            },
            {
              "datasource": "Prometheus",
              "description": "",
              "fieldConfig": {
                "defaults": {
                  "color": {
                    "mode": "thresholds"
                  },
                  "custom": {
                    "align": null,
                    "displayMode": "color-text",
                    "filterable": true
                  },
                  "decimals": 1,
                  "mappings": [],
                  "thresholds": {
                    "mode": "absolute",
                    "steps": [
                      {
                        "color": "rgb(249, 249, 249)",
                        "value": null
                      },
                      {
                        "color": "red",
                        "value": 0
                      },
                      {
                        "color": "yellow",
                        "value": 15
                      },
                      {
                        "color": "green",
                        "value": 30
                      }
                    ]
                  },
                  "unit": "d"
                },
                "overrides": [
                  {
                    "matcher": {
                      "id": "byName",
                      "options": "Is Latest"
                    },
                    "properties": [
                      {
                        "id": "mappings",
                        "value": [
                          {
                            "from": "",
                            "id": 0,
                            "text": "No",
                            "to": "",
                            "type": 1,
                            "value": "0"
                          },
                          {
                            "from": "1",
                            "id": 1,
                            "text": "Yes",
                            "to": "999999999",
                            "type": 2,
                            "value": "1"
                          }
                        ]
                      },
                      {
                        "id": "custom.align",
                        "value": "left"
                      }
                    ]
                  }
                ]
              },
              "gridPos": {
                "h": 9,
                "w": 24,
                "x": 0,
                "y": 14
              },
              "id": 8,
              "options": {
                "showHeader": true,
                "sortBy": [
                  {
                    "desc": false,
                    "displayName": "Value"
                  }
                ]
              },
              "pluginVersion": "7.3.5",
              "targets": [
                {
                  "expr": "(cert_checker_expire_time{} - time()) / 60/60/24",
                  "format": "table",
                  "instant": true,
                  "interval": "",
                  "legendFormat": "",
                  "refId": "A"
                }
              ],
              "timeFrom": null,
              "timeShift": null,
              "title": "Certification Expirations",
              "transformations": [
                {
                  "id": "labelsToFields",
                  "options": {}
                },
                {
                  "id": "organize",
                  "options": {
                    "excludeByName": {
                      "Time": true,
                      "Value": false,
                      "__name__": true,
                      "container": true,
                      "endpoint": true,
                      "instance": true,
                      "job": true,
                      "namespace": true,
                      "pod": true,
                      "service": true
                    },
                    "indexByName": {
                      "Time": 0,
                      "Value": 6,
                      "cert_error": 5,
                      "dns": 1,
                      "issuer": 2,
                      "not_after": 4,
                      "not_before": 3
                    },
                    "renameByName": {
                      "Value": "",
                      "cert_error": "",
                      "current_version": "Current Version",
                      "dns": "",
                      "image": "Image",
                      "latest_version": "Latest Version",
                      "not_after": ""
                    }
                  }
                }
              ],
              "type": "table"
            }
          ],
          "refresh": "5m",
          "schemaVersion": 26,
          "style": "dark",
          "tags": [],
          "templating": {
            "list": []
          },
          "time": {
            "from": "now-30m",
            "to": "now"
          },
          "timepicker": {
            "refresh_intervals": [
              "10s",
              "30s",
              "1m",
              "5m",
              "15m",
              "30m",
              "1h",
              "2h",
              "1d"
            ]
          },
          "timezone": "",
          "title": "Certificate Checker",
          "uid": "cert-checker",
          "version": 1
        }
    ---
    # Source: cert-checker/templates/service.yaml
    apiVersion: v1
    kind: Service
    metadata:
      name: cert-checker
      labels:
        helm.sh/chart: cert-checker-0.0.1
        app.kubernetes.io/name: cert-checker
        app.kubernetes.io/instance: cert-checker
        app.kubernetes.io/version: "0.0.1"
        app.kubernetes.io/managed-by: Helm
    spec:
      type: ClusterIP
      ports:
        - port: 8080
          targetPort: http
          protocol: TCP
          name: http
      selector:
        app.kubernetes.io/name: cert-checker
        app.kubernetes.io/instance: cert-checker
    ---
    # Source: cert-checker/templates/deployment.yaml
    apiVersion: apps/v1
    kind: Deployment
    metadata:
      name: cert-checker
      labels:
        helm.sh/chart: cert-checker-0.0.1
        app.kubernetes.io/name: cert-checker
        app.kubernetes.io/instance: cert-checker
        app.kubernetes.io/version: "0.0.1"
        app.kubernetes.io/managed-by: Helm
    spec:
      replicas: 1
      selector:
        matchLabels:
          app.kubernetes.io/name: cert-checker
          app.kubernetes.io/instance: cert-checker
      template:
        metadata:
          annotations:
            checksum/config: acdfcef4913d7e7cbb5b4adb47ba00a7e7d44b27e4d5b673f73ad29a539722a5
            enable.cert-checker.io/cert-checker: "true"
            prometheus.io/path: /metrics
            prometheus.io/port: "8080"
            prometheus.io/scrape: "true"
          labels:
            app.kubernetes.io/name: cert-checker
            app.kubernetes.io/instance: cert-checker
        spec:
          serviceAccountName: cert-checker
          securityContext:
            fsGroup: 2000
          volumes:
            - name: config-volume
              configMap:
                name: cert-checker
          containers:
            - name: cert-checker
              securityContext:
                allowPrivilegeEscalation: false
                capabilities:
                  drop:
                  - ALL
                readOnlyRootFilesystem: true
                runAsNonRoot: true
                runAsUser: 1000
              image: "mogensen/cert-checker:v0.0.1"
              command: ["/app/cert-checker", "-c", "/data/config.yaml"]
              imagePullPolicy: IfNotPresent
              volumeMounts:
              - name: config-volume
                mountPath: /data/
              ports:
                - name: http
                  containerPort: 8080
                  protocol: TCP
              resources:
                {}
    ---
    # Source: cert-checker/templates/servicemonitor.yaml
    apiVersion: monitoring.coreos.com/v1
    kind: ServiceMonitor
    metadata:
      name: cert-checker
      labels:
        helm.sh/chart: cert-checker-0.0.1
        app.kubernetes.io/name: cert-checker
        app.kubernetes.io/instance: cert-checker
        app.kubernetes.io/version: "0.0.1"
        app.kubernetes.io/managed-by: Helm
    spec:
      selector:
        matchLabels:
          app.kubernetes.io/name: cert-checker
      endpoints:
      - port: http
    ---
    # Source: cert-checker/templates/tests/test-connection.yaml
    apiVersion: v1
    kind: Pod
    metadata:
      name: "cert-checker-test-connection"
      labels:
        helm.sh/chart: cert-checker-0.0.1
        app.kubernetes.io/name: cert-checker
        app.kubernetes.io/instance: cert-checker
        app.kubernetes.io/version: "0.0.1"
        app.kubernetes.io/managed-by: Helm
      annotations:
        "helm.sh/hook": test
    spec:
      containers:
        - name: wget
          image: busybox
          command: ['wget']
          args: ['cert-checker:8080/metrics']
      restartPolicy: Never
    
    opened by lhotrifork 1
  • Unable to get Grafana to connect to the datasource

    Unable to get Grafana to connect to the datasource

    Good Morning. I am trying to setup this tool and running into some weird issues.

    I have Grafana installed local on my CentOS 7 server (Not in docker). I have installed your tool and I can confirm using the sample config.yaml you provided that when I go to http://:8080/metrics I can see the data.

    In Grafana I am trying to add the datasource but nothing I type into the config is working. I have tried the URLS

    http://localhost:8080/metrics http://:8080/metrics http://<server_ip>:8080/metrics

    When I look into the debug console I am seeing errors like this

    GET http://localhost:8080/metrics/api/v1/query?query=1%2B1&time=1611849514.366 net::ERR_CONNECTION_REFUSED

    Am I missing something?

    opened by BearDooks 1
  • Error was encountered while checking revocations

    Error was encountered while checking revocations

    Hi,

    After installing cert-checker I have found some errors in the verification of some of my certificates. Some of the errors are as follows:

    2021/09/07 06:25:56 [WARNING] error checking revocation via OCSP
    time="2021-09-07T06:25:56Z" level=debug msg=" - Found error for host00.domain.tld:9120 : an error was encountered while checking revocations"
    time="2021-09-07T06:25:56Z" level=debug msg="Probing: host04.domain.tld:443"
    time="2021-09-07T06:25:56Z" level=debug msg="Probing: host04.domain.tld:9020"
    2021/09/07 06:25:57 [WARNING] error checking revocation via OCSP
    time="2021-09-07T06:25:57Z" level=debug msg=" - Found error for host04.domain.tld:9020 : an error was encountered while checking revocations"
    time="2021-09-07T06:25:57Z" level=debug msg="Probing: host04.domain.tld:9120"
    2021/09/07 06:25:57 [WARNING] error checking revocation via OCSP
    time="2021-09-07T06:25:57Z" level=debug msg=" - Found error for host04.domain.tld:9120 : an error was encountered while checking revocations"
    time="2021-09-07T06:25:57Z" level=debug msg="Probing: host05.domain.tld:443"
    time="2021-09-07T06:25:57Z" level=debug msg="Probing: host05.domain.tld:9020"
    2021/09/07 06:25:57 [WARNING] error checking revocation via OCSP
    time="2021-09-07T06:25:57Z" level=debug msg=" - Found error for host05.domain.tld:9020 : an error was encountered while checking revocations"
    time="2021-09-07T06:25:57Z" level=debug msg="Probing: host05.domain.tld:9120"
    2021/09/07 06:25:58 [WARNING] error checking revocation via OCSP
    time="2021-09-07T06:25:58Z" level=debug msg=" - Found error for host05.domain.tld:9120 : an error was encountered while checking revocations"
    time="2021-09-07T06:25:58Z" level=debug msg="Probing: host10.domain.tld:443"
    time="2021-09-07T06:25:58Z" level=debug msg="Probing: host11.domain.tld:443"
    time="2021-09-07T06:25:58Z" level=debug msg="Probing: host12.domain.tld:443"
    

    trying to debug the application, the function that does the OCSP check returns the following: "bad OCSP signature: crypto / rsa: verification error"

    Thanks in advance.

    opened by angelsantillana94 3
  • Allow users to individualise date formats

    Allow users to individualise date formats

    Hello,

    I would be happy if there is more to "individuallize". Am unfortunately not powerful this programming language that I could rework myself.

    If I have time, I would like to change the date to dd.MM.YYYY. Where would I find that the?

    Thanks a lot

    enhancement help wanted good first issue 
    opened by Maximilian1021 2
Releases(v0.0.6)
Owner
Frederik Mogensen
Frederik Mogensen
For whatever reason you want to transfer TLS certificates in kubernetes to Qiniu CDN

Qiniu Certificate Sync For whatever reason you want to transfer TLS certificates in kubernetes to Qiniu CDN This app will upload provided TLS secrets

null 2 Oct 21, 2021
A utility for the certificate trust list (CTL).

ctlutil A utility for the certificate trust list (CTL) Installation First install Go. If you just want to install the binary to your current directory

Canstand 0 Dec 28, 2021
Tooling to validate HTTPS Certificates and Connections Around Web 🕷️

Cassler - SSL Validator Tool If your read fast, it's sounds like "Cassia Eller" Tooling to validate HTTPS Certificates and Connections Around Web ??️

Matheus Fidelis 55 Sep 14, 2022
Generate and sign TSL certificates with ease.

certctl Manage certificates with ease.

Chen Zhiwei 10 Apr 10, 2022
mkcert is a simple tool for making locally-trusted development certificates

A simple zero-config tool to make locally trusted development certificates with any names you'd like.

Filippo Valsorda 36.9k Sep 22, 2022
gdn is a Go module to get domain name from SSL certificates given an IP address

Get Domain Name gdn is a Go module to get domain name from SSL certificates given an IP address Installation Instructions From Source gdn requires go1

Sai Krishna Kothapalli 17 Aug 19, 2022
Golang Library for automatic LetsEncrypt SSL Certificates

Obtains certificates automatically, and manages renewal and hot reload for your Golang application. It uses the LEGO Library to perform ACME challenges, and the mkcert utility to generate self-signed trusted certificates for local development.

Foomo web framework 176 Sep 12, 2022
PKI support for SSH certificates

PKI certificates for SSH Introduction SSH certificates are limited in their usefulness - a certificate can only be signed with a single CA key, so no

Matthew Garrett 41 Aug 31, 2022
Package filippo.io/intermediates embeds a bundle of known unexpired, unrevoked intermediate certificates chaining to roots in the Mozilla Root Program

filippo.io/intermediates Package intermediates embeds a list of known unexpired, unrevoked intermediate certificates chaining to roots with Websites t

Filippo Valsorda 46 Jul 30, 2022
This library generate a new tlsconfig usable within go standard library configured with a self-signed certificate generated on the fly

sslcert This library generate a new tlsconfig usable within go standard library configured with a self-signed certificate generated on the fly. Exampl

ProjectDiscovery 6 Nov 17, 2021