certmonitor

package

v1.4.6 Latest Latest Go to latest Published: Apr 1, 2024 License: MIT Imports: 22 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/vdbulcke/cert-monitor

Links

Open Source Insights

Documentation ¶

Index ¶

func PrometheusMetricsregister()
func ValidateConfig(config *Config) bool
type CertMonitor
- func NewCertMonitor(logger hclog.Logger, config *Config) *CertMonitor
type CertMonitorJWK
type Config
- func ParseConfig(configFile string) (*Config, error)
type RemoteJWKEndpoint
type RemoteSAMLMetdataEndpoint
type RemoteTCPTLSEndpoint
type RemoteTLSEndpoint

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func PrometheusMetricsregister ¶

func PrometheusMetricsregister()

PrometheusMetricsregister Regiter metrics with prometheus

func ValidateConfig ¶

func ValidateConfig(config *Config) bool

ValidateConfig validate config

Types ¶

type CertMonitor ¶

type CertMonitor struct {
	// contains filtered or unexported fields
}

CertMonitor Cert Monitor Object

func NewCertMonitor ¶

func NewCertMonitor(logger hclog.Logger, config *Config) *CertMonitor

NewCertMonitor Create a new CertMonitor

func (*CertMonitor) GetCertificateFromRemoteAddress ¶ added in v1.0.0

func (certMonitor *CertMonitor) GetCertificateFromRemoteAddress(address string, port int, servername string) ([]*x509.Certificate, error)

GetCertificateFromRemoteAddress return list of X509 certificate from the remote address

func (*CertMonitor) GetCertificateFromRemoteURL ¶ added in v1.0.0

func (certMonitor *CertMonitor) GetCertificateFromRemoteURL(address string, servername string) ([]*x509.Certificate, error)

func (*CertMonitor) GetHttpClientWithConfiguration ¶ added in v1.2.0

func (c *CertMonitor) GetHttpClientWithConfiguration() http.Client

GetHttpClientWithConfiguration return http client from CertMonitor Config

func (*CertMonitor) GetJWKCertificates ¶ added in v1.1.0

func (c *CertMonitor) GetJWKCertificates(jwkUri string) ([]*CertMonitorJWK, error)

GetJWKCertificates returns the list of CertMonitorJWK with alg, kid, x5c field

func (*CertMonitor) GetSAMLMetadataCertificates ¶ added in v1.0.0

func (certMonitor *CertMonitor) GetSAMLMetadataCertificates(metadataURL string) ([]*x509.Certificate, error)

GetSAMLMetadataCertificates returns the X509 certificates from the SAML metadata url

func (*CertMonitor) LoadRemoteCertificateMetrics ¶ added in v1.0.0

func (certMonitor *CertMonitor) LoadRemoteCertificateMetrics()

LoadRemoteCertificateMetrics load Certifcate from Remote endpoints

func (*CertMonitor) LoadStaticMetrics ¶ added in v1.2.1

func (certMonitor *CertMonitor) LoadStaticMetrics() error

LoadStaticMetrics loads one time static metric

func (*CertMonitor) ScheduleCheckCertificatesJob ¶

func (certMonitor *CertMonitor) ScheduleCheckCertificatesJob()

ScheduleCheckCertificatesJob Check certificate in Dir

type CertMonitorJWK ¶ added in v1.1.0

type CertMonitorJWK struct {
	Certs []*x509.Certificate

	Alg string

	Kid string

	Kty string
}

type Config ¶

type Config struct {
	LogFile       string `yaml:"log_file"`
	LogJSONFormat bool   `yaml:"log_json_format"`
	// When to alert that certificate will expire
	ClockSkewDays int `yaml:"clock_skew_day"`
	// Schedule Checks in Hours
	ScheduleJobHours int `yaml:"schedule_job_hours"`

	// Directory containing certificate to monitor
	CertificatesDir string `yaml:"certificate_dir"`

	// a list RemoteTLSEndpoint
	RemoteTLSEndpoints []*RemoteTLSEndpoint `yaml:"remote_tls_endpoints"`

	// A  list of RemoteTCPTLSEndpoint
	RemoteTCPTLSEndpoints []*RemoteTCPTLSEndpoint `yaml:"remote_tcp_tls_endpoints"`

	// A  list of RemoteSAMLMetdataEndpoints
	RemoteSAMLMetdataEndpoints []*RemoteSAMLMetdataEndpoint `yaml:"remote_saml_metadata_endpoints"`

	// A  list of RemoteJWKEndpoint
	RemoteJWKEndpoints []*RemoteJWKEndpoint `yaml:"remote_jwk_endpoints"`

	// Timeout when calling the remote endpoint
	RemoteEndpointTimeout int `yaml:"remote_endpoint_timeout"`

	// Prometheus metrics port
	PrometheusListeningPort int `yaml:"prometheus_listening_port" validate:"required"`

	// Skip Tls Validation
	SkipTLSValidation bool `yaml:"skip_tls_validation"`
}

Config has been created

func ParseConfig ¶

func ParseConfig(configFile string) (*Config, error)

ParseConfig Parse config file

type RemoteJWKEndpoint ¶ added in v1.1.0

type RemoteJWKEndpoint struct {
	JWKURL string `yaml:"url" validate:"required"`
	Alg    string `yaml:"alg"`
	Kid    string `yaml:"kid"`
	Kty    string `yaml:"kty"`
}

RemoteJWKEndpoint a remote URL exposing JSON Web Keys

type RemoteSAMLMetdataEndpoint ¶ added in v0.3.0

type RemoteSAMLMetdataEndpoint struct {
	MetadataURL string `yaml:"url" validate:"required"`
}

RemoteSAMLMetdataEndpoint a remote URL exposing SAML Metadata

type RemoteTCPTLSEndpoint ¶

type RemoteTCPTLSEndpoint struct {
	Address    string `yaml:"address" validate:"required,omitempty"`
	Port       int    `yaml:"port" validate:"required,omitempty"`
	ServerName string `yaml:"servername"`
}

RemoteTCPTLSEndpoint a remote tls endpoint to monitor

type RemoteTLSEndpoint ¶

type RemoteTLSEndpoint struct {
	Address    string `yaml:"address" validate:"required,omitempty"`
	ServerName string `yaml:"servername"`
}

RemoteTLSEndpoint a remote tls endpoint to monitor

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL