New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
SSL monitoring
Looking for a free solution to monitor SSL certs. Something like https://trackssl.com/
Comments
Now a day they want subscription for everything .
Yep, spoiled fucks.
I think the best solution is to get all of your certs setup in an automated fashion to autorotate that way you don't have to worry about them expiring in the first place. But instead of just leaving it at that here's an easy solution you can script to monitor and send you an e-mail or whatever when something is about to expire:
openssl s_client -connect www.example.com:443 | openssl x509 -noout -enddate
Simple shell script to compare that end date to the current date and send a warning via whatever method you prefer when it is less than X days to expire. No need to pay any subscriptions, totally free.
You can try https://github.com/louislam/uptime-kuma it is free self-hosted solution to monitor uptime + SSL expiry. It can even send you notifications.
Already using, but some apps fail to be recognised as having SSL.
Hetrixtools?
Weird, I've never had issues with uptime-kuma, but I also kinda need a tool like that, I might give it a try
I would say your suggestion of probing the services is by far the better way. Even if you've got SSL renewal sewn up, or are using say Letsencrypt without errors, many services need cycling or prodding to pick up the updated cert and that can get stuck.
https://www.haveibeenexpired.com maybe, they have free account
I'am running nightscout and it seems javascript apps are a no go for kuma to monitor for SSL
You can create your own monitoring script using OpenSSL commands that check the expiration date and combine it with cron jobs to send notifications via email if it nears expiration.
I know https://monitor.shodan.io/networks will tell you it expires, not sure if it's close to if it will. You could make a script to check and alert you if it's close. Set it to be a cron job or something. It's only $50 for life time.
If your using cloudflare you can create a cert that last up to 15 years that only cloudflare will see valid.
HetrixTools better.