~cypheon/ecertmon

TLS Certificate Expiration Monitor (Prometheus Exporter)
~cypheon/public-inbox

New mailing list added

2 months ago

313149b Return empty list instead of 0 in error case

4 months ago

#ecertmon

Tiny blackbox certificate expiry date exporter for Prometheus written in Erlang.

You configure which hosts should be scanned:

{targets, [
           {"elfelli.sinyax.net", 443},
           {"neo.sinyax.net", 443},
           {"git.sinyax.net", 443}
          ]
}.

And ecertmon will export one metric for each configured target presenting the expiration date of the certificate (in Unix epoch seconds):

$ curl http://127.0.0.1:9101/metrics
tls_cert_expiry{hostname="elfelli.sinyax.net", port="443"} 1613347516
tls_cert_expiry{hostname="neo.sinyax.net", port="443"} 1613347549
tls_cert_expiry{hostname="git.sinyax.net", port="443"} 1611533202

#Build

If you're on macOS, use gmake instead of make in all following steps.

# Build the project
# (run from inside the source root directory)

make deps
make app

#Configure

A config sample is in config/certmon.sample.config. The config settings have quite descriptive names and should be self-explanatory.

The path to the config file needs to be passed as value of the environment variable CERTMON_CONFIG_FILE.

#Run (from Source)

# Run the project
# (run from inside the source root directory)
# Using an absolute path for $CERTMON_CONFIG_FILE helps to prevent headaches

CERTMON_CONFIG_FILE="$PWD/config/certmon.sample.config" make run

#Run (from Release)

TODO: Publish releases and document how to use them