Skip to content

root27/certwatch

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
.gitignore
.gitignore
 
 
.goreleaser.yaml
.goreleaser.yaml
 
 
README.md
README.md
 
 
go.mod
go.mod
 
 
main.go
main.go
 
 

Repository files navigation

CertWatch - SSL Certificate Expiry Checker & Auto-Renewal Tool

Overview

CertWatch is a Go-based tool that checks SSL certificates for all domains every 12 hours. If a certificate is set to expire within 24 hours, it automatically renews it using Certbot with the Nginx plugin.

Features

  • Checks SSL certificate expiry dates for the domains every 12 hours.
  • Automatically renews certificates if they are expiring within 24 hours.
  • Uses certbot certificates to fetch certificate details.
  • Renews certificates using certbot renew --nginx -d <domain>.
  • Implements scheduling using Go's time.Ticker instead of an external cron package.

Usage

Download the latest binary from the releases page.

Run the application:

./certwatch

How It Works

  1. The tool runs every 12 hours using time.Ticker.
  2. It executes the certbot certificates command to retrieve certificate details.
  3. Parses the output using regex to extract domain names and expiry dates.
  4. If a certificate expires within 24 hours, it triggers the renewal process: 
    sudo certbot renew --nginx -d <domain>
  5. Logs are maintained for tracking renewal attempts.
  6. If a certificate expired more than 7 days ago, it is skipped.

Contributions

Contributions are welcome! Feel free to submit issues and pull requests.

About

Nginx ssl certificates auto-renewal service

Topics

letsencrypt nginx golang ssl certificate goreleaser autorenewal

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases 1

v0.1.0 Latest
Mar 4, 2025

Packages

No packages published

Languages