Skip to content

Instantly share code, notes, and snippets.

@uolter
Last active November 11, 2021 10:19
Show Gist options
  • Save uolter/de54bfe59817b1b1b2c41d50e4569aaa to your computer and use it in GitHub Desktop.
Save uolter/de54bfe59817b1b1b2c41d50e4569aaa to your computer and use it in GitHub Desktop.
Go check SSL/TLS
package main
import (
"crypto/tls"
"fmt"
"time"
)
type target struct {
domain string
port int
}
func (t *target) Url() string {
if t.port == 0 {
return fmt.Sprintf("%s:443", t.domain)
}
return fmt.Sprintf("%s:%d", t.domain, t.port)
}
func (t *target) CheckTLS() {
conn, err := tls.Dial("tcp", t.Url(), nil)
if err != nil {
fmt.Println("[ERROR] Server doesn't support SSL certificate err: " + err.Error())
} else {
err = conn.VerifyHostname(t.domain)
if err != nil {
fmt.Println("Hostname doesn't match with certificate: " + err.Error())
}
expiry := conn.ConnectionState().PeerCertificates[0].NotAfter
fmt.Printf("Issuer: %s\nExpiry: %v\n", conn.ConnectionState().PeerCertificates[0].Issuer, expiry.Format(time.RFC850))
currentTime := time.Now()
diff := currentTime.Sub(expiry)
if diff > 0 {
fmt.Println("EXPIRED!!")
}
}
}
func main() {
urls := []target{
{domain: "api-gad.io.italia.it"},
{domain: "api.io.italia.it"},
{domain: "app.io.italia.it"},
{domain: "app-backend.io.italia.it"},
{domain: "developerportal-backend.io.italia.it"},
{domain: "developer.io.italia.it"},
{domain: "io.italia.it"},
{domain: "api.io.pagopa.it"},
// {domain: "api-app.pagopa.it"},
{domain: "api-mtls.io.pagopa.it"},
{domain: "assets.cdn.io.italia.it"},
{domain: "backoffice.io.italia.it"},
}
for _, u := range urls {
fmt.Println(u.domain)
u.CheckTLS()
fmt.Println("")
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment