kksudo/certificate_synthetic.js

## certificate_synthetic.js
/*
To use this synthetic, set the following Secure credentials:
  NEW_RELIC_INSIGHTS_API_KEY - Your api key from the account settings.
  NEW_RELIC_ACCOUNT_ID - Your account ID, also found in the account settings.
  CERTS_TO_MONITOR - A list of hosts to check via https, separated by a comma and a space, for example:
    host.example.com, foo.example.com

Create a new Synthetic monitor, copy the entire contents of this script to the monitor.
Set the monitor to run once a day from a single location.

Once you have executied the script once, NRQL queries, graphs, and alert(s):

This will provide a list of hosts monitored, ordered with the shortest time remaining first:
  SELECT * FROM SSLCertificateCheck since 24 hours ago ORDER BY DaysToExpiration

This will display the count of certificates expiring in the next 30 days:
  SELECT count(*) AS 'TLS expiring in the next 30 days' FROM SSLCertificateCheck WHERE DaysToExpiration < 30 since 24 hours ago

Additionally, you can create an alert to ping someone that a cert needs attention:
  SELECT count(*) AS 'Number of Expiring Certs' FROM SSLCertificateCheck WHERE DaysToExpiration < 7
*/
var request = require('request'),
  assert = require('assert'),
  Q = require('q');

var urlsToMonitor = $secure.CERTS_TO_MONITOR.split(', ');
var licenseKey = $secure.NEW_RELIC_INSIGHTS_API_KEY;
var accountId = $secure.NEW_RELIC_ACCOUNT_ID;

function treatAsUTC(date) {
  var result = new Date(date);
  result.setMinutes(result.getMinutes() - result.getTimezoneOffset());
  return result;
}

function daysBetween(startDate, endDate) {
  var millisecondsPerDay = 24 * 60 * 60 * 1000;
  return Math.round((treatAsUTC(endDate) - treatAsUTC(startDate)) / millisecondsPerDay);
}

function processSite(urlToMonitor) {
  var deferred = Q.defer();
  console.log('Preparing to monitor ' + urlToMonitor);
  var r = request({
    url: 'https://' + urlToMonitor + '/',
    method: 'HEAD',
    gzip: true,
    followRedirect: false,
    followAllRedirects: false,
    strictSSL: false
  });

  r.on('response',
    function(res) {
      var certDetails = (res.req.connection.getPeerCertificate());
      var currentDate = new Date();
      var certExpirationDate = new Date(certDetails.valid_to);
      var certificateIssuer = certDetails.issuer.O;
      var daysToExpiration = daysBetween(currentDate, certExpirationDate);

      console.log('This certificate was issued by ' + certificateIssuer, '');
      console.log('This SSL certificate will expire on ' + certExpirationDate, '');
      console.log('**** Date at time of testing: ' + currentDate);
      console.log('**** Days to expiration: ' + daysToExpiration);
      console.log('Creating event for: ' + urlToMonitor);

      function insertInsightsEvent(urlToMonitor, certificateIssuer, daysToExpiration, expirationMilliseconds) {
        var options = {
          uri: 'https://insights-collector.newrelic.com/v1/accounts/' + accountId + '/events',
          body: '[{"eventType":"SSLCertificateCheck","Url":"https://' + urlToMonitor + '/","Issuer":"' + certificateIssuer + '","DaysToExpiration":' + daysToExpiration + ', "ExpirationDate":' + expirationMilliseconds + '}]',
          headers: {
            'X-Insert-Key': licenseKey,
            'Content-Type': 'application/json'
        }
      };
      console.log(options);
      console.log("Posting event for: "+urlToMonitor);
        request.post(options, function(error, response, body) {
        console.log(response.statusMessage);
        console.log(response.statusCode + " status code");
        assert.ok(response.statusCode == 200, 'Expected 200 OK response');
        var info = JSON.parse(body); assert.ok(info.success == true, 'Expected True results in Response Body, result was ' + info.success); console.log("SSL cert check completed successfully");
        });
      }
      insertInsightsEvent(urlToMonitor, certificateIssuer, daysToExpiration, certExpirationDate.getTime()); deferred.resolve();
    }
  );

  return deferred.promise;
}

for (var i = 0; i < urlsToMonitor.length; i++) {
  var urlToMonitor = urlsToMonitor[i];
  processSite(urlToMonitor);
}

// Do this to fake out the monitor into success
// https://docs.newrelic.com/docs/synthetics/new-relic-synthetics/troubleshooting/monitor-produces-no-traffic
$browser.get('https://' + urlsToMonitor[0] + '/');
	/*
	To use this synthetic, set the following Secure credentials:
	NEW_RELIC_INSIGHTS_API_KEY - Your api key from the account settings.
	NEW_RELIC_ACCOUNT_ID - Your account ID, also found in the account settings.
	CERTS_TO_MONITOR - A list of hosts to check via https, separated by a comma and a space, for example:
	host.example.com, foo.example.com

	Create a new Synthetic monitor, copy the entire contents of this script to the monitor.
	Set the monitor to run once a day from a single location.

	Once you have executied the script once, NRQL queries, graphs, and alert(s):

	This will provide a list of hosts monitored, ordered with the shortest time remaining first:
	SELECT * FROM SSLCertificateCheck since 24 hours ago ORDER BY DaysToExpiration

	This will display the count of certificates expiring in the next 30 days:
	SELECT count(*) AS 'TLS expiring in the next 30 days' FROM SSLCertificateCheck WHERE DaysToExpiration < 30 since 24 hours ago

	Additionally, you can create an alert to ping someone that a cert needs attention:
	SELECT count(*) AS 'Number of Expiring Certs' FROM SSLCertificateCheck WHERE DaysToExpiration < 7
	*/
	var request = require('request'),
	assert = require('assert'),
	Q = require('q');

	var urlsToMonitor = $secure.CERTS_TO_MONITOR.split(', ');
	var licenseKey = $secure.NEW_RELIC_INSIGHTS_API_KEY;
	var accountId = $secure.NEW_RELIC_ACCOUNT_ID;

	function treatAsUTC(date) {
	var result = new Date(date);
	result.setMinutes(result.getMinutes() - result.getTimezoneOffset());
	return result;
	}

	function daysBetween(startDate, endDate) {
	var millisecondsPerDay = 24 * 60 * 60 * 1000;
	return Math.round((treatAsUTC(endDate) - treatAsUTC(startDate)) / millisecondsPerDay);
	}

	function processSite(urlToMonitor) {
	var deferred = Q.defer();
	console.log('Preparing to monitor ' + urlToMonitor);
	var r = request({
	url: 'https://' + urlToMonitor + '/',
	method: 'HEAD',
	gzip: true,
	followRedirect: false,
	followAllRedirects: false,
	strictSSL: false
	});

	r.on('response',
	function(res) {
	var certDetails = (res.req.connection.getPeerCertificate());
	var currentDate = new Date();
	var certExpirationDate = new Date(certDetails.valid_to);
	var certificateIssuer = certDetails.issuer.O;
	var daysToExpiration = daysBetween(currentDate, certExpirationDate);

	console.log('This certificate was issued by ' + certificateIssuer, '');
	console.log('This SSL certificate will expire on ' + certExpirationDate, '');
	console.log('**** Date at time of testing: ' + currentDate);
	console.log('**** Days to expiration: ' + daysToExpiration);
	console.log('Creating event for: ' + urlToMonitor);

	function insertInsightsEvent(urlToMonitor, certificateIssuer, daysToExpiration, expirationMilliseconds) {
	var options = {
	uri: 'https://insights-collector.newrelic.com/v1/accounts/' + accountId + '/events',
	body: '[{"eventType":"SSLCertificateCheck","Url":"https://' + urlToMonitor + '/","Issuer":"' + certificateIssuer + '","DaysToExpiration":' + daysToExpiration + ', "ExpirationDate":' + expirationMilliseconds + '}]',
	headers: {
	'X-Insert-Key': licenseKey,
	'Content-Type': 'application/json'
	}
	};
	console.log(options);
	console.log("Posting event for: "+urlToMonitor);
	request.post(options, function(error, response, body) {
	console.log(response.statusMessage);
	console.log(response.statusCode + " status code");
	assert.ok(response.statusCode == 200, 'Expected 200 OK response');
	var info = JSON.parse(body); assert.ok(info.success == true, 'Expected True results in Response Body, result was ' + info.success); console.log("SSL cert check completed successfully");
	});
	}
	insertInsightsEvent(urlToMonitor, certificateIssuer, daysToExpiration, certExpirationDate.getTime()); deferred.resolve();
	}
	);

	return deferred.promise;
	}

	for (var i = 0; i < urlsToMonitor.length; i++) {
	var urlToMonitor = urlsToMonitor[i];
	processSite(urlToMonitor);
	}

	// Do this to fake out the monitor into success
	// https://docs.newrelic.com/docs/synthetics/new-relic-synthetics/troubleshooting/monitor-produces-no-traffic
	$browser.get('https://' + urlsToMonitor[0] + '/');