NeophyteHi We have a requirement to monitor ssl certificate on non ssl ports like for example 7083 is here any Datasource we have to do this or any easy way to do it.
Clone the DS and change the ssl.listening_ports property for a custom one.
Same code that LM uses for regular cert monitoring with a different port: https://github.com/sweenig/lm/tree/main/SSL%20Monitoring%20on%20Custom%20Port
ProfessorIs it an HTTPS server just on a custom port? You should be able to clone the "HTTPS" DataSource and change the port it uses. May want to tweak the AppliesTo and other items as needed.
NeophyteI tried it and updaed the port it applies to as 7083 so it doesnot show any output.
NeophyteIt worked but it just monitors weather we are able to connec on port 7803 or not but the requirement is to get validity of the certificate and in how many days it expires
Neophyteyou can try using the below script which we have deployed.
this runs everyday and decrement the number of day each day and we have created an alert that we should be notified when it reaches 30 (month) so that we can initiate the work to reinstate the server certificate
import com.santaba.agent.groovyapi.expect.Expect;
import com.santaba.agent.groovyapi.snmp.Snmp;
import com.santaba.agent.groovyapi.http.*;
import com.santaba.agent.groovyapi.jmx.*;
import org.xbill.DNS.*;
import javax.net.ssl.*
import java.security.cert.*
import java.security.*
import java.text.SimpleDateFormat
import java.util.concurrent.TimeUnit
// Function to get the number of days left until the certificate expires
def getDaysUntilExpiry(host, port) {
try {
// Create SSL context
SSLContext sslContext = SSLContext.getInstance("TLS")
sslContext.init(null, null, new java.security.SecureRandom())
SSLSocketFactory factory = sslContext.getSocketFactory()
// Create socket to connect to the server
Socket socket = factory.createSocket(host, port)
SSLSocket sslSocket = (SSLSocket) socket
// Start handshake to get the certificate
sslSocket.startHandshake()
SSLSession session = sslSocket.getSession()
Certificate[] certificates = session.getPeerCertificates()
X509Certificate cert = (X509Certificate) certificates[0]
// Get expiry date
Date expiryDate = cert.getNotAfter()
Date currentDate = new Date()
// Calculate days left
long diffInMillies = expiryDate.getTime() - currentDate.getTime()
long diffInDays = TimeUnit.DAYS.convert(diffInMillies, TimeUnit.MILLISECONDS)
println("${diffInDays}")
// Close resources
sslSocket.close()
} catch (Exception e) {
e.printStackTrace()
}
}
// Main execution
def host = "website.com" // Replace with your server hostname or IP
def port = 443 // Port number
getDaysUntilExpiry(host, port)
Neophyteyou can try using the groovy script
Collection method - script
process = [ 'bash', '-c', 'timeout 60 bash -c "</dev/tcp/<IP address>/7083"; echo $?'].execute()
println process.text;
this will check every 1 minute whether port 7083 is opening or not.
Neophytegetting this error:
MastermindClone the DS and change the ssl.listening_ports property for a custom one.
Same code that LM uses for regular cert monitoring with a different port: https://github.com/sweenig/lm/tree/main/SSL%20Monitoring%20on%20Custom%20Port
