Clever Geek Handbook

How do you keep track of hosting / domain / SSL certificate expiration dates for clients?

Not a programming issue per se, but interesting for people who are doing commercial web development.

How do you keep track of all hosting registrations, domain registrations and SSL certificate expiration dates?

Are you just holding a spreadsheet or is there some useful program to do this?

I have searched extensively and cannot find a useful piece of software, and I am tempted to write something. With over 100 clients to manage, and hosting and domain names spread across multiple hosting companies and registrars, my dedicated tools don't work.

+1


source to share


5 answers


How about turning it into a programming question? You can use this code (C #), although I would recommend modifying it a bit (like putting the url in a file) and throwing it into the service.

This code sets up a certificate validation callback that HttpWebRequest will call anytime it encounters a certificate. This allows us to take a look at the certificate, usually this is used to verify the certificate, but we will look at the expiration date and if it is within 3 months we will send an email to us. The timer is configured to run the scan once a day.



using System.Net;
using System.Diagnostics;
using System.Net.Mail;
using System.Threading;

static void Main(string[] args)
{
    // List of URL to check
    string[] urls = new string[]{
        "https://www.6bit.com/",
        "https://www.google.com/"
    };

    HttpWebRequest req = null;

    // Certificate check callback
    ServicePointManager.ServerCertificateValidationCallback = (state, cert, certChain, sslerr) =>
    {
        DateTime expiration = DateTime.Parse(cert.GetExpirationDateString());
        if (expiration < DateTime.Now.AddMonths(3))
        {
            Debug.WriteLine("Cert expiring on " + expiration.ToShortDateString());
            MailMessage msg = new MailMessage("SSLCheck@example.com", "josh@example.com", "SSL Certificate Expiring", "The ssl certificate for" + req.RequestUri.ToString() + " will expire on " + expiration.ToShortDateString());
            SmtpClient sc = new SmtpClient();
            sc.Send(msg);
        }

        return true;
    };

    // Request each url once a day so that the validation callback runs for each
    Timer t = new Timer(s =>
    {
        Array.ForEach(urls, url =>
        {
            try
            {
                req = (HttpWebRequest)HttpWebRequest.Create(url);
                HttpWebResponse resp = (HttpWebResponse)req.GetResponse();
                resp.Close();
            }
            catch (Exception ex)
            {
                Debug.WriteLine("Error checking site: " + ex.ToString());
            }
        });
    }, null, TimeSpan.FromSeconds(0), TimeSpan.FromDays(1));  // Run the timer now and schedule to run once a day
}
+2


source


You are probably better off using whatever tool you normally use to manage your time / schedule than having a dedicated tool. Be it Outlook, Sunbird, Lightning, PDA, cell phone, paper calendar, etc. Just use whatever tool you usually use to track dates.

[ADDITIVE]



To clarify, the reason you want it all in the same place as the rest of the important dates is because it ensures (at least slightly) that you pay attention to the list. If you're using some other program, it's all too easy to get busy for a couple of weeks and forget to look at your dedicated tool and end up letting it expire that shouldn't expire.

+1


source


As for managing SSL certificates, you can write a script that calls OpenSSL, or if you want something out of the box, you can try this:

SSL certificate discovery and monitoring tool

It will find and register certificates on your networks and send email alerts when they approach expiration. Results can be imported into a web-based tool called Cert Center.

+1


source


Try epazote basically you can create a list of sites (services) in a yaml file and get an email / alert / hipchat before the certificate expires like:

services:
    google:
        url: https://www.google.com
        seconds: 60
        expect:
            status: 302
            ssl:
                hours: 72

In this case, the email can be sent 72 hours before the expiration of the certificate.

More details here: https://epazote.io/post/how-to-use-it/

0


source


You can use a service like https://IsItWorking.info to track domain registration and SSL certificate expiration.

You can set when you want to receive notifications (for example 60 days before expiration) and it can notify you by email, sag or push.

(full disclosure: I wrote this!)

0


source






More articles:


All Articles