Mods

turbot/net_insights

GitHub
Overview
7Dashboards
53Controls
26Queries
2Variables
GitHub
Loading controls...
On This Page
Description
Usage
Plugins & Tables
Params
SQL
Get Involved
Edit on GitHub
Discuss on Slack

Control: Certificates should not be expired

Description

SSL certificates ensure secure connections between a server and other web entities and provide validation that a browser is indeed communicating with a validated website server. Once it expires, your website is no longer recognized on the web as safe and secure and it is vulnerable to cyber-attacks.

Usage

Run the control in your terminal:

steampipe check net_insights.control.ssl_certificate_not_expired

Snapshot and share results via Steampipe Cloud:

steampipe login
steampipe check --share net_insights.control.ssl_certificate_not_expired

Plugins & Tables

net_certificate
Net plugin

Params

ArgsNameDefaultDescriptionVariable
$1domain_names
["github.com","microsoft.com"]
DNS domain names.

SQL

select
  common_name as resource,
  case
    when now() > not_after then 'alarm'
    else 'ok'
  end as status,
  case
    when now() > not_after then common_name || ' is expired.'
    else common_name || ' expires in ' || date_trunc('day', age(not_after, now())) || '.'
  end as reason
from
  net_certificate
where
  domain in (
    select
      jsonb_array_elements_text(to_jsonb($1 :: text [ ]))
  )
order by
  common_name;