4 files changed, 81 insertions(+), 0 deletions(-)

A .gitignore
A Makefile
A go.mod
A main.go

@@ 1,5 @@
+go.sum
+wasm_exec.js
+x509-validator
+x509-validator.wasm
+

@@ 1,21 @@
+go.mod:
+	go mod init git.dominic-ricottone.com/~dricottone/x509-validator
+
+GO_SRC!=find * -type f -name '*.go'
+
+x509-validator: go.mod $(GO_SRC)
+	go build -o x509-validator .
+
+x509-validator.wasm: go.mod $(GO_SRC)
+	GOARCH=wasm GOOS=js go build -o x509-validator.wasm .
+
+wasm_exec.js:
+	cp "$$(go env GOROOT)/misc/wasm/wasm_exec.js" .
+
+.PHONY: clean
+clean:
+	rm -f x509-validator x509-validator.wasm wasm_exec.js
+
+.PHONY: build
+build: x509-validator x509-validator.wasm wasm_exec.js
+

@@ 1,3 @@
+module git.dominic-ricottone.com/~dricottone/x509-validator
+
+go 1.19

@@ 1,52 @@
+package main
+
+import (
+	"fmt"
+	"crypto/tls"
+	"time"
+)
+
+func main() {
+	domains := []string{
+		"www.dominic-ricottone.com",
+		"git.dominic-ricottone.com",
+		"www.intra.dominic-ricottone.com",
+		"media.intra.dominic-ricottone.com",
+	}
+
+	longest := 0
+	for _, d := range domains {
+		if longest < len(d) {
+			longest = len(d)
+		}
+	}
+
+	for _, d := range domains {
+		fmt.Printf("%*s: ", longest, d)
+
+		// I'm only ever going to care about real HTTPS certs,
+		// so I am hardcoding the port
+		name := d + ":443"
+
+		conn, err := tls.Dial("tcp", name, nil)
+		if err != nil {
+			fmt.Println("No certificate found")
+			continue
+		}
+	
+		expiry := conn.ConnectionState().PeerCertificates[0].NotAfter
+		timestamp := expiry.Format("Monday, January 2")
+		days := int(time.Until(expiry).Hours() / 24)
+	
+		if days < 0 {
+			fmt.Println("Expired")
+		} else if days < 1 {
+			fmt.Println("Expiring today")
+		} else if days < 2 {
+			fmt.Println("Valid for 1 day\n")
+		} else {
+			fmt.Printf("Valid for %d days (until %s)\n", days, timestamp)
+		}
+	}
+}
+