https-ssl-cert-check-zabbix
Script to check validity and expiration of TLS/SSL certificate on remote host. Supports: TLS SNI and STARTTLS for protocols like SMTP; internationalized domain names with Punycode(uses libidn); allowing self-signed certs as valid; JSON output; supports any additional s_client options.
https://github.com/selivan/https-ssl-cert-check-zabbix
go-check-certs
This is a simple utility written in Go to check SSL certificates for a list of hosts. Each certificate in the host’s certificate chain is checked for the following:
Expiration date. By default, you will be warned if a certificate will expire within 30 days. This can be adjusted with -years=X, -months=X, and/or -days=X.
Signature algorithm. Some algorithms have already been sunset, others are in the process of being sunset. This can be spammy, so you can disable the check with -check-sig-alg=false.
https://github.com/timewasted/go-check-certs
certok
Command line tool to check the validity and expiration dates of SSL certificates.
https://github.com/genuinetools/certok
Certbot:
Certbot is a widely-used open-source tool that automates the process of obtaining and renewing SSL certificates from Let’s Encrypt, a free certificate authority. It includes a command-line interface that can be scheduled to check for certificate expiration and automatically renew certificates.
OpenSSL:
OpenSSL is an open-source toolkit that provides support for secure communication using SSL/TLS protocols. It includes command-line tools like openssl and x509, which can be used to view certificate details, including the expiration date. By scripting these commands, you can create a custom solution to periodically check certificate expiration.
Monitoror:
Monitoror is an open-source monitoring application that allows you to create custom dashboards to track various metrics. It has a plugin called “CertExpiry” that can be used to monitor SSL certificate expiration. You can self-host Monitoror and configure it to check the expiration date of your SSL certificates.
Zabbix:
Zabbix is an open-source monitoring solution that can be extended to perform SSL certificate expiration checks. By using the built-in features of Zabbix, you can configure it to monitor SSL certificates and send alerts when the expiration date is approaching.
Nagios:
Nagios is a popular open-source monitoring system that can be extended with plugins to check SSL certificate expiration. There are various plugins available, such as check_ssl_cert and check_http, that can be configured to monitor SSL certificates and generate alerts when certificates are about to expire.
Prometheus + Blackbox Exporter:
Prometheus is an open-source monitoring and alerting system, and the Blackbox Exporter is a component that allows for probing and monitoring various endpoints. By configuring the Blackbox Exporter to check SSL certificates’ expiration dates, you can monitor certificate validity and set up alerts accordingly.
I’m a DevOps/SRE/DevSecOps/Cloud Expert passionate about sharing knowledge and experiences. I am working at Cotocus. I blog tech insights at DevOps School, travel stories at Holiday Landmark, stock market tips at Stocks Mantra, health and fitness guidance at My Medic Plus, product reviews at I reviewed , and SEO strategies at Wizbrand.
Please find my social handles as below;
Rajesh Kumar Personal Website
Rajesh Kumar at YOUTUBE
Rajesh Kumar at INSTAGRAM
Rajesh Kumar at X
Rajesh Kumar at FACEBOOK
Rajesh Kumar at LINKEDIN
Rajesh Kumar at PINTEREST
Rajesh Kumar at QUORA
Rajesh Kumar at WIZBRAND
