All Apps and Add-ons

SSL Certificate Checker

cmesaros
Explorer

Hello,

I want to use SSL Certificate Checker to monitor all certificates expiration date from my networks. It is possible this?

Best regards,
Cristian

jkat54
SplunkTrust
SplunkTrust

The app currently supports checking expiration dates of local certificates only. If you have a host with all the certs, you could use it on that host to monitor all the certs (PKI machines might have all your certs for example).

I'll add this as an enhancement request for the next time I write code for this app though.

If this answers your question, please let us know by
marking as the answer and maybe upvoting too.

cmesaros
Explorer

Thanks for your fast answer. I have IPA servers can I read certificates from there?

Thanks a lot.

Best regards,
Cristian

0 Karma

jkat54
SplunkTrust
SplunkTrust

Do you have *.pem files on the ISA for all the certs?

0 Karma

cmesaros
Explorer

No. IPA is equivalent to FreeIPA ( integrated Identity and Authentication solution for Linux). IPA stores all certificates in certificate database.

Thanks a lot.

0 Karma

jkat54
SplunkTrust
SplunkTrust

Yeah this app won't help you then, sorry!

Nice use case though. I do have the commands for remotely checking an expiry date on ssl certs. Would you like those for reference? Maybe you can write your own script.

0 Karma

bballad
Explorer

I am looking at a similar use case. Do you mind sharing those commands?

jkat54
SplunkTrust
SplunkTrust

echo | openssl s_client -connect someserver:443 2>/dev/null | openssl x509 -noout -enddate

bballad
Explorer

Thanks

0 Karma

Tune In & Win!

Don't miss out on your
chance to take home free
prizes by helping our players
save the Splunk Cloudom!

Dungeons & Data
Monsters: Splunk O11y
Day Editions Games
stream live:
5/4 at 6:30pm PST
5/5 at 7:00pm PST
on