ssl_poler 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 72c6050edf8b45ecd96024cb4e23cdef79a2a40dd8049b948e930216a9fc3c2e
+  data.tar.gz: b821b1b3a5b196659604e1c7f37d47892f054c2314b668bc9ae697a7c46a3fb0
+SHA512:
+  metadata.gz: fbf98f664330dfd12c41fc5ad7a193802da66594bc9f47d7c848d4296212b4141f8e1d2b6e736d4f7fcc600d4e29d93b661eff40f29de84dd2578860ef5f6608
+  data.tar.gz: d46b5fab78315ddf3816fcc95e2575386984ca157f1eddff2d9af5e348314e517be6ac41acd9bbd65be2c5938c35e497b5a68f471881beffcfc70c4e540a8ce9

data/CHANGELOG.md

@@ -0,0 +1,8 @@
+# Changelog
+
+## [0.1.0] - 2025-10-13
+
+- Initial release
+- SSL certificate checking functionality
+- YAML configuration support
+- CLI interface

data/LICENSE.txt

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2025
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

data/README.md

@@ -0,0 +1,175 @@
+# SslPoler
+
+A Ruby gem for checking SSL certificate status from multiple URLs defined in a YAML configuration file. Monitor certificate expiration dates, issuers, and other important certificate details.
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+```ruby
+gem 'ssl_poler'
+```
+
+And then execute:
+
+```bash
+$ bundle install
+```
+
+Or install it yourself as:
+
+```bash
+$ gem install ssl_poler
+```
+
+## Usage
+
+### 1. Create a YAML configuration file
+
+Create a file (e.g., `config.yml`) with your URLs:
+
+```yaml
+urls:
+  - https://example.com
+  - https://google.com
+  - name: GitHub
+    url: https://github.com
+  - name: Ruby Gems
+    url: https://rubygems.org
+```
+
+URLs can be specified as simple strings or as objects with `name` and `url` keys.
+
+### 2. Run the CLI
+
+```bash
+$ ssl_poler --config config.yml
+```
+
+### CLI Options
+
+```
+Usage: ssl_poler [options]
+    -c, --config PATH                Path to YAML config file (required)
+    -f, --format FORMAT              Output format (text, json)
+    -w, --warning-days DAYS          Days before expiration to warn (default: 30)
+    -h, --help                       Show this help message
+    -v, --version                    Show version
+```
+
+### Examples
+
+**Basic check:**
+```bash
+$ ssl_poler --config config.yml
+```
+
+**JSON output:**
+```bash
+$ ssl_poler --config config.yml --format json
+```
+
+**Custom warning threshold (warn if expiring within 60 days):**
+```bash
+$ ssl_poler --config config.yml --warning-days 60
+```
+
+### Sample Output
+
+```
+================================================================================
+SSL Certificate Check Results
+================================================================================
+
+example.com (https://example.com)
+--------------------------------------------------------------------------------
+  Status:     OK
+  Subject:    CN=example.com
+  Issuer:     CN=DigiCert TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
+  Valid From: 2024-01-15 00:00:00 UTC
+  Valid To:   2025-02-15 23:59:59 UTC
+  Expires In: 125 days
+  Serial:     12345678901234567890
+  Algorithm:  sha256WithRSAEncryption
+  Key:        OpenSSL::PKey::RSA (2048 bits)
+
+================================================================================
+Summary:
+  Total:         4
+  OK:            3
+  Expiring Soon: 1
+  Expired:       0
+  Errors:        0
+================================================================================
+```
+
+## Programmatic Usage
+
+You can also use the gem programmatically in your Ruby code:
+
+```ruby
+require 'ssl_poler'
+
+# Check a single URL
+checker = SslPoler::CertificateChecker.new('https://example.com')
+if checker.check
+  info = checker.certificate_info
+  puts "Expires in #{info[:expires_in_days]} days"
+  puts "Valid: #{info[:valid]}"
+  puts "Expired: #{info[:expired]}"
+else
+  puts "Error: #{checker.error}"
+end
+
+# Load and check multiple URLs from config
+config = SslPoler::ConfigLoader.new('config.yml')
+config.load
+
+config.urls.each do |entry|
+  checker = SslPoler::CertificateChecker.new(entry[:url])
+  checker.check
+  info = checker.certificate_info
+  puts "#{entry[:name]}: #{info[:expires_in_days]} days remaining"
+end
+```
+
+## Certificate Information
+
+The gem provides the following information for each certificate:
+
+- **Subject**: The entity to which the certificate is issued
+- **Issuer**: The entity that issued the certificate
+- **Serial Number**: Unique identifier for the certificate
+- **Valid From**: Certificate start date
+- **Valid To**: Certificate expiration date
+- **Expires In**: Number of days until expiration
+- **Expired**: Boolean indicating if certificate has expired
+- **Expires Soon**: Boolean indicating if certificate expires within warning threshold
+- **Valid**: Boolean indicating if certificate is currently valid
+- **Version**: X.509 version
+- **Signature Algorithm**: Algorithm used to sign the certificate
+- **Public Key Algorithm**: Type of public key (RSA, EC, etc.)
+- **Key Size**: Size of the public key in bits
+
+## Exit Codes
+
+The CLI uses the following exit codes:
+
+- `0`: All certificates are valid and not expiring soon
+- `1`: One or more certificates have errors, are expired, or expiring soon
+
+This makes it easy to integrate with monitoring systems and CI/CD pipelines.
+
+## Development
+
+After checking out the repo, run `bundle install` to install dependencies. Then, run `rake spec` to run the tests.
+
+To install this gem onto your local machine, run `bundle exec rake install`.
+
+## Contributing
+
+Bug reports and pull requests are welcome on GitHub at https://github.com/yourusername/ssl_poler.
+
+## License
+
+The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).

data/exe/ssl_poler

@@ -0,0 +1,5 @@
+#!/usr/bin/env ruby
+
+require "ssl_poler"
+
+SslPoler::CLI.new(ARGV).run

data/lib/ssl_poler/certificate_checker.rb

@@ -0,0 +1,94 @@
+require "openssl"
+require "net/http"
+require "uri"
+
+module SslPoler
+  class CertificateChecker
+    attr_reader :url, :certificate, :error
+
+    def initialize(url)
+      @url = url
+      @certificate = nil
+      @error = nil
+    end
+
+    def check
+      uri = parse_url(url)
+
+      http = Net::HTTP.new(uri.host, uri.port)
+      http.use_ssl = true
+      http.verify_mode = OpenSSL::SSL::VERIFY_NONE  # We just want to inspect the cert, not validate the connection
+
+      http.start do |connection|
+        @certificate = connection.peer_cert
+      end
+
+      true
+    rescue => e
+      @error = e.message
+      false
+    end
+
+    def certificate_info
+      return nil unless certificate
+
+      {
+        subject: certificate.subject.to_s,
+        issuer: certificate.issuer.to_s,
+        serial_number: certificate.serial.to_s,
+        not_before: certificate.not_before,
+        not_after: certificate.not_after,
+        expires_in_days: days_until_expiration,
+        expired: expired?,
+        expires_soon: expires_soon?,
+        valid: valid?,
+        version: certificate.version,
+        signature_algorithm: certificate.signature_algorithm,
+        public_key_algorithm: certificate.public_key.class.name,
+        key_size: key_size
+      }
+    end
+
+    def valid?
+      return false unless certificate
+      !expired? && certificate.not_before <= Time.now
+    end
+
+    def expired?
+      return false unless certificate
+      certificate.not_after < Time.now
+    end
+
+    def expires_soon?(days = 30)
+      return false unless certificate
+      days_until_expiration <= days && !expired?
+    end
+
+    def days_until_expiration
+      return nil unless certificate
+      ((certificate.not_after - Time.now) / 86400).round
+    end
+
+    private
+
+    def parse_url(url)
+      uri = URI.parse(url)
+      uri.scheme = "https" if uri.scheme.nil?
+      uri.port = 443 if uri.port.nil?
+      uri
+    rescue URI::InvalidURIError => e
+      raise Error, "Invalid URL: #{url} - #{e.message}"
+    end
+
+    def key_size
+      case certificate.public_key
+      when OpenSSL::PKey::RSA
+        certificate.public_key.n.num_bits
+      when OpenSSL::PKey::EC
+        certificate.public_key.group.degree
+      else
+        nil
+      end
+    end
+  end
+end

data/lib/ssl_poler/cli.rb

@@ -0,0 +1,161 @@
+require "optparse"
+
+module SslPoler
+  class CLI
+    def initialize(args)
+      @args = args
+      @config_path = nil
+      @options = {
+        format: :text,
+        warning_days: 30
+      }
+    end
+
+    def run
+      parse_options
+
+      if @config_path.nil?
+        puts "Error: Config file is required"
+        puts @option_parser
+        exit 1
+      end
+
+      config_loader = ConfigLoader.new(@config_path)
+      config_loader.load
+
+      results = check_certificates(config_loader.urls)
+      display_results(results)
+
+      exit_code = results.any? { |r| r[:error] || r[:expired] || r[:expires_soon] } ? 1 : 0
+      exit exit_code
+    rescue Error => e
+      puts "Error: #{e.message}"
+      exit 1
+    end
+
+    private
+
+    def parse_options
+      @option_parser = OptionParser.new do |opts|
+        opts.banner = "Usage: ssl_poler [options]"
+
+        opts.on("-c", "--config PATH", "Path to YAML config file (required)") do |path|
+          @config_path = path
+        end
+
+        opts.on("-f", "--format FORMAT", [:text, :json], "Output format (text, json)") do |format|
+          @options[:format] = format
+        end
+
+        opts.on("-w", "--warning-days DAYS", Integer, "Days before expiration to warn (default: 30)") do |days|
+          @options[:warning_days] = days
+        end
+
+        opts.on("-h", "--help", "Show this help message") do
+          puts opts
+          exit 0
+        end
+
+        opts.on("-v", "--version", "Show version") do
+          puts "ssl_poler version #{VERSION}"
+          exit 0
+        end
+      end
+
+      @option_parser.parse!(@args)
+    end
+
+    def check_certificates(urls)
+      results = []
+
+      urls.each do |entry|
+        puts "Checking #{entry[:name]}..." if @options[:format] == :text
+
+        checker = CertificateChecker.new(entry[:url])
+        success = checker.check
+
+        if success
+          info = checker.certificate_info
+          info[:name] = entry[:name]
+          info[:url] = entry[:url]
+          info[:expires_soon] = info[:expires_in_days] && info[:expires_in_days] <= @options[:warning_days]
+          results << info
+        else
+          results << {
+            name: entry[:name],
+            url: entry[:url],
+            error: checker.error
+          }
+        end
+      end
+
+      results
+    end
+
+    def display_results(results)
+      case @options[:format]
+      when :json
+        require "json"
+        puts JSON.pretty_generate(results)
+      else
+        display_text_results(results)
+      end
+    end
+
+    def display_text_results(results)
+      puts "\n" + "=" * 80
+      puts "SSL Certificate Check Results"
+      puts "=" * 80
+
+      results.each do |result|
+        puts "\n#{result[:name]} (#{result[:url]})"
+        puts "-" * 80
+
+        if result[:error]
+          puts "  Status: ERROR"
+          puts "  Error:  #{result[:error]}"
+          next
+        end
+
+        puts "  Status:     #{status_text(result)}"
+        puts "  Subject:    #{result[:subject]}"
+        puts "  Issuer:     #{result[:issuer]}"
+        puts "  Valid From: #{result[:not_before]}"
+        puts "  Valid To:   #{result[:not_after]}"
+        puts "  Expires In: #{result[:expires_in_days]} days"
+        puts "  Serial:     #{result[:serial_number]}"
+        puts "  Algorithm:  #{result[:signature_algorithm]}"
+        puts "  Key:        #{result[:public_key_algorithm]} (#{result[:key_size]} bits)"
+      end
+
+      puts "\n" + "=" * 80
+      display_summary(results)
+    end
+
+    def status_text(result)
+      if result[:expired]
+        "EXPIRED"
+      elsif result[:expires_soon]
+        "WARNING (expires in #{result[:expires_in_days]} days)"
+      else
+        "OK"
+      end
+    end
+
+    def display_summary(results)
+      total = results.size
+      errors = results.count { |r| r[:error] }
+      expired = results.count { |r| r[:expired] }
+      expiring_soon = results.count { |r| r[:expires_soon] && !r[:expired] }
+      ok = total - errors - expired - expiring_soon
+
+      puts "Summary:"
+      puts "  Total:         #{total}"
+      puts "  OK:            #{ok}"
+      puts "  Expiring Soon: #{expiring_soon}"
+      puts "  Expired:       #{expired}"
+      puts "  Errors:        #{errors}"
+      puts "=" * 80
+    end
+  end
+end

data/lib/ssl_poler/config_loader.rb

@@ -0,0 +1,53 @@
+require "yaml"
+
+module SslPoler
+  class ConfigLoader
+    attr_reader :config, :urls
+
+    def initialize(config_path)
+      @config_path = config_path
+      @config = nil
+      @urls = []
+    end
+
+    def load
+      raise Error, "Config file not found: #{@config_path}" unless File.exist?(@config_path)
+
+      @config = YAML.load_file(@config_path)
+      validate_config!
+      extract_urls
+      self
+    rescue Psych::SyntaxError => e
+      raise Error, "Invalid YAML syntax in config file: #{e.message}"
+    end
+
+    private
+
+    def validate_config!
+      raise Error, "Config file is empty" if @config.nil? || @config.empty?
+      raise Error, "Config must contain 'urls' key" unless @config.key?("urls")
+      raise Error, "URLs must be an array" unless @config["urls"].is_a?(Array)
+      raise Error, "URLs array cannot be empty" if @config["urls"].empty?
+    end
+
+    def extract_urls
+      @urls = @config["urls"].map do |entry|
+        case entry
+        when String
+          { url: entry, name: entry }
+        when Hash
+          {
+            url: entry["url"] || entry[:url],
+            name: entry["name"] || entry[:name] || entry["url"] || entry[:url]
+          }
+        else
+          raise Error, "Invalid URL entry: #{entry.inspect}"
+        end
+      end
+
+      @urls.each do |entry|
+        raise Error, "URL cannot be nil or empty" if entry[:url].nil? || entry[:url].empty?
+      end
+    end
+  end
+end

data/lib/ssl_poler/version.rb

@@ -0,0 +1,3 @@
+module SslPoler
+  VERSION = "0.1.0"
+end

data/lib/ssl_poler.rb

@@ -0,0 +1,8 @@
+require_relative "ssl_poler/version"
+require_relative "ssl_poler/certificate_checker"
+require_relative "ssl_poler/config_loader"
+require_relative "ssl_poler/cli"
+
+module SslPoler
+  class Error < StandardError; end
+end

metadata

@@ -0,0 +1,83 @@
+--- !ruby/object:Gem::Specification
+name: ssl_poler
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- Michail Pantelelis
+bindir: exe
+cert_chain: []
+date: 1980-01-02 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '13.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '13.0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+description: A Ruby gem that reads URLs from a YAML configuration and checks their
+  SSL certificate status, including expiration dates, issuers, and more.
+email:
+- mpantel@aegean.gr
+executables:
+- ssl_poler
+extensions: []
+extra_rdoc_files: []
+files:
+- CHANGELOG.md
+- LICENSE.txt
+- README.md
+- exe/ssl_poler
+- lib/ssl_poler.rb
+- lib/ssl_poler/certificate_checker.rb
+- lib/ssl_poler/cli.rb
+- lib/ssl_poler/config_loader.rb
+- lib/ssl_poler/version.rb
+homepage: https://github.com/mpantel/ssl_poler
+licenses:
+- MIT
+metadata:
+  source_code_uri: https://github.com/mpantel/ssl_poler
+  changelog_uri: https://github.com/mpantel/ssl_poler/blob/main/CHANGELOG.md
+  bug_tracker_uri: https://github.com/mpantel/ssl_poler/issues
+  documentation_uri: https://github.com/mpantel/ssl_poler/blob/main/README.md
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: 3.2.0
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.7.1
+specification_version: 4
+summary: Check SSL certificate status for multiple URLs
+test_files: []