Skip to main content

Check TLS certificates of domains for expiration dates and more.

Project description

check-tls-certs

Check TLS certificates of domains for expiration dates and more.

Usage

Usage: check_tls_certs [OPTIONS] [DOMAIN]...

  Checks the TLS certificate for each DOMAIN.

  You can add checks for alternative names by separating them with a slash,
  like example.com/www.example.com.

  Exits with return code 3 when there are warnings and code 4 when there are
  errors.

Options:
  -f, --file FILE              File to read domains from. One per line.
  -v, --verbose / -q, --quiet  Toggle printing of infos for domains with no
                               errors or warnings.
  --help                       Show this message and exit.

When domains are read from a file, lines starting with a # are ignored.

If you put a ! in front of a domain, it is checked to be in the list of alternate names, but the TLS certificate for it will not be fetched and checked. This is useful for domains that aren’t accessible for some reason.

Changelog

0.5.0 - 2016-02-17

  • Use UTC time to calculate expiration time. [fschulze]

  • Add another verbosity level (and remove -q/--quite). By default nothing is printed except when there are errors. The first level -v always prints the earliest expiration date. The second level -vv prints all the info.

0.4.0 - 2016-02-12

  • When prefixing a domain with a ! the certificate will not be fetched and checked, but it’s name well be checked to be in the list of alternate names. [fschulze]

  • Change handling of alternate names, so checking for just one domain when a certificate is valid for several works. [fschulze]

  • By default only print messages for domains with errors. Use -v option to print infos for all domains. [fschulze]

  • Allow comments starting with # in domain file. [fschulze]

  • Get rid of openssl executable requirement. [fschulze]

0.3.0 - 2016-01-01

  • Use asyncio to fetch certificates in parallel. [fschulze]

0.2.0 - 2015-12-22

  • Actually support Python 3.4 as advertised. [fschulze]

  • Fix packaging. [witsch]

  • Round expiry time delta to minutes for nicer output. [fschulze]

  • Skip duplicate messages for alternate names. [fschulze]

  • Add certificate issuer to output. [fschulze]

  • Mark sha1 certificate signature as error. [fschulze]

0.1.0 - 2015-12-20

  • Initial release [fschulze]

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distributions

check-tls-certs-0.5.0.zip (10.0 kB view hashes)

Uploaded Source

check-tls-certs-0.5.0.tar.gz (5.2 kB view hashes)

Uploaded Source

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page