7 months ago

non SSL Port Monioring

Hi We have a requirement to monitor ssl certificate on non ssl ports like for example 7083 is here any Datasource we have to do this or any easy way to do it.

    6 months ago

    Clone the DS and change the ssl.listening_ports property for a custom one.

    Same code that LM uses for regular cert monitoring with a different port:

  • Is it an HTTPS server just on a custom port? You should be able to clone the "HTTPS" DataSource and change the port it uses. May want to tweak the AppliesTo and other items as needed.

      I tried it and updaed the port it applies to as 7083 so it doesnot show any output.

      It worked but it just monitors weather we are able to connec on port 7803 or not but the requirement is to get validity of the certificate and in how many days it expires

        you can try using the below script which we have deployed.

        this runs everyday and decrement the number of day each day and we have created an alert that we should be notified when it reaches 30 (month) so that we can initiate the work to reinstate the server certificate

        import com.santaba.agent.groovyapi.expect.Expect;
        import com.santaba.agent.groovyapi.snmp.Snmp;
        import com.santaba.agent.groovyapi.http.*;
        import com.santaba.agent.groovyapi.jmx.*;
        import org.xbill.DNS.*;
        import java.text.SimpleDateFormat
        import java.util.concurrent.TimeUnit

        // Function to get the number of days left until the certificate expires
        def getDaysUntilExpiry(host, port) {
            try {
                // Create SSL context
                SSLContext sslContext = SSLContext.getInstance("TLS")
                sslContext.init(null, null, new
                SSLSocketFactory factory = sslContext.getSocketFactory()
                // Create socket to connect to the server
                Socket socket = factory.createSocket(host, port)
                SSLSocket sslSocket = (SSLSocket) socket
                // Start handshake to get the certificate
                SSLSession session = sslSocket.getSession()
                Certificate[] certificates = session.getPeerCertificates()
                X509Certificate cert = (X509Certificate) certificates[0]
                // Get expiry date
                Date expiryDate = cert.getNotAfter()
                Date currentDate = new Date()
                // Calculate days left
                long diffInMillies = expiryDate.getTime() - currentDate.getTime()
                long diffInDays = TimeUnit.DAYS.convert(diffInMillies, TimeUnit.MILLISECONDS)
                // Close resources
            } catch (Exception e) {

        // Main execution
        def host = ""  // Replace with your server hostname or IP
        def port = 443               // Port number

        getDaysUntilExpiry(host, port)

  • you can try using the groovy script 

    Collection method - script


    process = [ 'bash', '-c', 'timeout 60  bash -c "</dev/tcp/<IP address>/7083"; echo $?'].execute()
    println process.text;

    this will check every 1 minute whether port 7083 is opening or not.


