turbot/net_insights

GitHub
Loading controls...

Control: Certificates should not be expired

Description

SSL certificates ensure secure connections between a server and other web entities and provide validation that a browser is indeed communicating with a validated website server. Once it expires, your website is no longer recognized on the web as safe and secure and it is vulnerable to cyber-attacks.

Usage

Run the control in your terminal:

steampipe check net_insights.control.ssl_certificate_not_expired

Snapshot and share results via Steampipe Cloud:

steampipe login
steampipe check --share net_insights.control.ssl_certificate_not_expired

Plugins & Tables

Params

ArgsNameDefaultDescriptionVariable
$1domain_names
["github.com","microsoft.com"]
DNS domain names.

SQL

select
common_name as resource,
case
when now() > not_after then 'alarm'
else 'ok'
end as status,
case
when now() > not_after then common_name || ' is expired.'
else common_name || ' expires in ' || date_trunc('day', age(not_after, now())) || '.'
end as reason
from
net_certificate
where
domain in (
select
jsonb_array_elements_text(to_jsonb($1 :: text [ ]))
)
order by
common_name;