certcheck

command module
v0.0.0-...-494989d Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 22, 2026 License: MIT Imports: 19 Imported by: 0

README

certcheck

ci go report license

A small Go CLI that checks TLS certificate expiry across a list of hosts. Useful for daily cron jobs, monitoring pipelines, or a quick sanity check.

Install

# from source
go install github.com/14ten/certcheck@latest

# docker
docker run --rm ghcr.io/14ten/certcheck:latest example.com

Pre-built binaries (linux / macOS / windows on amd64 + arm64) are attached to each release.

Usage

# Arguments
certcheck example.com github.com:443 cloudflare.com

# Stdin (one host per line, # comments allowed)
cat hosts.txt | certcheck --json

# Tighter thresholds
certcheck --warn-days 14 --crit-days 3 example.com

Output

HOST          EXPIRES     DAYS  STATUS  ISSUER
example.com   2026-08-12  82    OK      DigiCert TLS RSA SHA256 2020 CA1
api.test      2026-06-04  13    WARN    Let's Encrypt R3
expired.test  -           -     ERR     tls handshake failed

Flags

Flag Default Description
--warn-days 30 Warn when cert expires within N days
--crit-days 7 Critical when cert expires within N days
--json false Emit JSON instead of a table
--workers 8 Concurrent checks
--timeout 5s Per-host TLS dial timeout

Exit codes

Code Meaning
0 all certs OK
1 at least one WARN
2 at least one CRIT
3 a check errored

Exit codes are designed to plug straight into Nagios-style monitoring.

License

MIT — see LICENSE.

Documentation

The Go Gopher

There is no documentation for this package.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.