Display SSL expiry warnings (#2925)

2025-11-09 13:39:46 -05:00 · 2016-10-14 13:48:08 +02:00
parent 0320a77dc0
commit c03ce0f74a
11 changed files with 752 additions and 6 deletions
--- a/cmd/certs.go
+++ b/cmd/certs.go
@@ -17,8 +17,13 @@
 package cmd

 import (
+	"crypto/x509"
+	"encoding/pem"
+	"io/ioutil"
 	"os"
 	"path/filepath"
+
+	"github.com/pkg/errors"
 )

 // createCertsPath create certs path.
@@ -87,3 +92,47 @@ func isSSL() bool {
 	}
 	return false
 }
+
+func readCertificateChain() ([]*x509.Certificate, error) {
+	certPath := filepath.Join(mustGetCertsPath(), globalMinioCertFile)
+	file, err := os.Open(certPath)
+
+	if err != nil {
+		return nil, errors.Wrapf(err, "Could not open certificate for reading")
+	}
+	defer file.Close()
+
+	bytes, err2 := ioutil.ReadAll(file)
+
+	if err2 != nil {
+		return nil, errors.Wrapf(err2, "Could not read certificate contents")
+	}
+
+	return parseCertificateChain(bytes)
+}
+
+// Parses certificate chain
+func parseCertificateChain(bytes []byte) ([]*x509.Certificate, error) {
+	var certs []*x509.Certificate
+	var block *pem.Block
+	current := bytes
+
+	for len(current) > 0 {
+		block, current = pem.Decode(current)
+
+		if block == nil {
+			return nil, errors.New("Could not PEM block")
+		}
+
+		cert, err := x509.ParseCertificate(block.Bytes)
+
+		if err != nil {
+			return nil, errors.Wrapf(err, "Could not parse certficiate")
+		}
+
+		certs = append(certs, cert)
+
+	}
+
+	return certs, nil
+}