ssl-certificate-monitor

Monitor SSL certificates for expiration, security issues, and compliance across domains and subdomains.

Safety Notice

This listing is from the official public ClawHub registry. Review SKILL.md and referenced scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "ssl-certificate-monitor" with this command: npx skills add Derick001/ssl-certificate-monitor

SSL Certificate Monitor

What This Does

A CLI tool to monitor SSL/TLS certificates for expiration dates, security issues, and basic compliance checks. Check single domains or multiple domains from a list, get detailed certificate information, and receive alerts before certificates expire.

Key features:

  • Check expiration dates for SSL certificates on domains and subdomains
  • Detailed certificate info - issuer, subject, serial number, signature algorithm
  • Security validation - check certificate chain, basic trust validation
  • Batch monitoring - check multiple domains from a file or list
  • Alert thresholds - warn when certificates expire within specified days (default 30 days)
  • JSON output - machine-readable output for integration with monitoring systems
  • Simple CLI interface - easy to use in scripts or cron jobs
  • No external API required - uses Python's SSL/TLS libraries

When To Use

  • You need to monitor SSL certificate expiration for your websites
  • You want to automate certificate renewal reminders
  • You're managing multiple domains and subdomains
  • You need to validate certificate chain and basic security
  • You want to integrate SSL monitoring into your DevOps pipeline
  • You're auditing domains for certificate compliance
  • You need to check certificates on internal servers or development environments

Usage

Basic commands:

# Check a single domain
python3 scripts/main.py check example.com

# Check with custom port
python3 scripts/main.py check example.com --port 443

# Check multiple domains from a file (one domain per line)
python3 scripts/main.py batch domains.txt

# Set custom warning threshold (days before expiration)
python3 scripts/main.py check example.com --warning-days 14

# Output JSON for machine processing
python3 scripts/main.py check example.com --json

# Check certificate details (issuer, subject, algorithm, etc.)
python3 scripts/main.py details example.com

# Validate certificate chain and basic security
python3 scripts/main.py validate example.com

Examples

Example 1: Check single domain expiration

python3 scripts/main.py check example.com

Output:

✅ Domain: example.com:443
   Status: Valid
   Expires: 2026-06-15 23:59:59 UTC
   Days remaining: 101
   Issuer: Let's Encrypt Authority X3
   Subject: CN=example.com
   Algorithm: SHA256-RSA

Example 2: Check with warning threshold

python3 scripts/main.py check example.com --warning-days 30

Output (if expiring within 30 days):

⚠️  Domain: example.com:443
   Status: Expiring soon
   Expires: 2026-03-10 23:59:59 UTC
   Days remaining: 4
   Issuer: Let's Encrypt Authority X3
   Subject: CN=example.com
   Algorithm: SHA256-RSA
   Warning: Certificate expires in 4 days

Example 3: Batch check from file

python3 scripts/main.py batch domains.txt --warning-days 30

Output:

📋 Batch check results (5 domains):
✅ example.com: Valid (101 days remaining)
✅ api.example.com: Valid (95 days remaining)
⚠️  staging.example.com: Expiring soon (15 days remaining)
❌ internal.example.com: Invalid (Certificate expired 2 days ago)
❌ old.example.com: Connection failed (Timeout)

Summary: 3 valid, 1 expiring soon, 1 expired, 1 failed

Example 4: JSON output for automation

python3 scripts/main.py check example.com --json

Output:

{
  "domain": "example.com",
  "port": 443,
  "status": "valid",
  "expires_at": "2026-06-15T23:59:59Z",
  "days_remaining": 101,
  "issuer": "Let's Encrypt Authority X3",
  "subject": "CN=example.com",
  "algorithm": "SHA256-RSA",
  "serial_number": "0a1b2c3d4e5f6a7b8c9d0e1f2a3b4c5d6",
  "valid_from": "2025-06-16T00:00:00Z",
  "valid_to": "2026-06-15T23:59:59Z",
  "warning": false,
  "error": null
}

Example 5: Certificate details

python3 scripts/main.py details example.com

Output:

📋 Certificate details for example.com:443

Subject: CN=example.com
Issuer: Let's Encrypt Authority X3
Serial: 0a1b2c3d4e5f6a7b8c9d0e1f2a3b4c5d6

Validity:
  Not before: 2025-06-16 00:00:00 UTC
  Not after:  2026-06-15 23:59:59 UTC
  Days remaining: 101

Signature:
  Algorithm: SHA256-RSA
  Key size: 2048 bits

Extensions:
  Subject Alternative Names: example.com, www.example.com
  Key Usage: Digital Signature, Key Encipherment
  Extended Key Usage: TLS Web Server Authentication

Requirements

  • Python 3.x
  • cryptography library for certificate parsing (installed automatically or via pip)

Install missing dependencies:

pip3 install cryptography

Limitations

  • Only checks TLS certificates on standard ports (custom ports supported via --port)
  • Requires network connectivity to target domains
  • May be blocked by firewalls or network security policies
  • Does not perform deep security audits (no revocation checking, weak cipher detection)
  • No support for client certificate authentication
  • Limited to standard TLS handshake (no SNI customization)
  • May not work with self-signed certificates without custom trust stores
  • No support for checking certificate transparency logs
  • Rate limiting may affect checking many domains quickly
  • No built-in notification system (output only)
  • Does not check for mixed content or other web security issues
  • No support for checking certificates in load balancers or CDNs directly
  • Limited error handling for network timeouts or DNS failures
  • No support for checking certificates in mobile apps or other non-web contexts

Directory Structure

The tool works with domain lists as text files (one domain per line). No special configuration directories are required.

Error Handling

  • Connection timeouts show helpful error messages with retry suggestions
  • DNS resolution failures suggest checking domain spelling
  • Certificate validation errors show certificate details and validation issues
  • Port connection failures suggest checking firewall rules or service status
  • File not found errors suggest checking file paths and permissions

Contributing

This is a skill built by the Skill Factory. Issues and improvements should be reported through the OpenClaw project.

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open Registry RecordOpen in ClawHub

Related Skills

Related by shared tags or category signals.

Security

Ring Security

Monitor and manage Ring doorbells and security cameras. Query device status, review motion events, manage modes, and export event history. Use when you need...

Registry SourceRecently Updated
1730bytesagain1
Security

Retirement Planner

退休规划工具。退休金计算、投资策略、社保养老金、投资组合、提取策略、缺口分析。Retirement planner with pension calculation, investment strategy, social security, portfolio, withdrawal strategy, gap...

Registry SourceRecently Updated
1690bytesagain
Security

Node Auto Debugger

Scan Node.js/Express/Next.js projects for bugs, security issues, and anti-patterns. Use when debugging a Node.js web app, running code audits, fixing client-...

Registry SourceRecently Updated
30jengajojo
Security

Shieldcortex

Persistent memory system with security for AI agents. Remembers decisions, preferences, architecture, and context across sessions with knowledge graphs, deca...

Registry SourceRecently Updated
6540Profile unavailable