Skip to content

agebhar1/micrometer-certs-expiration

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

371 Commits
.github
.github
 
 
.mvn/wrapper
.mvn/wrapper
 
 
project
project
 
 
samples
samples
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.adoc
README.adoc
 
 
mvnw
mvnw
 
 
mvnw.cmd
mvnw.cmd
 
 
pom.xml
pom.xml
 
 

Repository files navigation

Micrometer Certifications Expiration Metric badge badge

Motivation

To keep track of the expiration date for your used certificates in your (cloud) JVM application one need to monitor them. This micrometer.io metric expose the expiration date for each provided certificate.

Usage

<dependency>
    <groupId>io.github.agebhar1</groupId>
    <artifactId>micrometer-certs-expiration</artifactId>
    <version>x.y.z</version>
</dependency>

Plain Java

final DefaultX509CertificateMetricTagFactory factory =
    new DefaultX509CertificateMetricTagFactory();
final X509CertificateSource source = new CustomGlobalTrustStoreX509Certificates();

new X509CertificateExpirationMetrics(factory, source).bindTo(registry);

Spring Boot 2/3

@Bean
public X509CertificateExpirationMetrics x509CertificateExpirationMetrics() {

    final DefaultX509CertificateMetricTagFactory factory = new DefaultX509CertificateMetricTagFactory();
    final X509CertificateSource source = X509CertificateSourceComposite.of(
        new CustomGlobalTrustStoreX509Certificates());

    return new X509CertificateExpirationMetrics(factory, source);
}

See example (Spring Boot 3).

Quarkus 2/3

@Produces
public X509CertificateExpirationMetrics x509CertificateExpirationMetrics() {
    final DefaultX509CertificateMetricTagFactory factory = new DefaultX509CertificateMetricTagFactory();
    final X509CertificateSource source = X509CertificateSourceComposite.of(new CustomGlobalTrustStoreX509Certificates());

    return new X509CertificateExpirationMetrics(factory, source);
}

See example.

Micronaut 3/4

@Factory
@RequiresMetrics
public static class X509CertificateExpirationMetricsFactory {

    @Bean
    @Singleton
    @Primary
    public X509CertificateExpirationMetrics x509CertificateExpirationMetrics() {
        final DefaultX509CertificateMetricTagFactory factory = new DefaultX509CertificateMetricTagFactory();
        final X509CertificateSource source = X509CertificateSourceComposite.of(new CustomGlobalTrustStoreX509Certificates());

        return new X509CertificateExpirationMetrics(factory, source);
    }

}

See example (Micronaut 4).

Metric Tags

To distinguish the certificates within the metric a set of tags are required. The DefaultX509CertificateMetricTagFactory creates for each certificate a tag with key subjectDN with the value from the certificate itself.

ℹ️
 You can customize the behaviour by your own implementation of X509CertificateMetricTagFactory.

Collect Certifications

(Custom Global) TrustStore

To keep track of all certificates provided by the custom global TrustStore via system properties

javax.net.ssl.trustStore=
javax.net.ssl.trustStorePassword=
javax.net.ssl.trustStoreType=[jks|pkcs12]

use CustomGlobalTrustStoreX509Certificates. It reads all certificates from the store.

🔥
 If the trust store password is not provided, an empty collection is returned. In case of an invalid one an exception is thrown. See test cases for more information.

Custom

To provide a custom set of certificates you need to implement X509CertificateSource interface.

💡
 For convenience the X509CertificateSourceComposite class collects all certificates from the provided sources.

License

This project is Open Source software and released under the Apache 2.0 license.

About

Micrometer (X509) Certificates Expiration Metrics

Topics

jvm metrics micrometer x509certificates

Resources

Readme

License

Apache-2.0 license
Activity

Stars

8 stars

Watchers

3 watching

Forks

1 fork
Report repository

Releases 1

v0.1.0 Latest
Mar 20, 2021

Packages

No packages published

Contributors 2

Languages