Skip to content

Add server side TLS certificate expiry tracking and INFO telemetry #2913

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
YiwenZhang12 wants to merge 2 commits into
base: unstable
Choose a base branch
from
Open

Add server side TLS certificate expiry tracking and INFO telemetry #2913

YiwenZhang12 wants to merge 2 commits into from
+180 −0

Conversation

@YiwenZhang12
Copy link

@YiwenZhang12 YiwenZhang12 commented Dec 5, 2025
edited
Loading

regarding issue: #2784

  • Adding TLS certificate expiration parsing on the OpenSSL side and refresh the cached expiry at startup, CONFIG TLS changes, and hourly.

  • Emit a NOTICE when the server cert is expiring (with days remaining) and a WARNING once it expires.

  • Expose a new # TLS section in INFO with tls_enabled and tls_server_cert_expires_in_seconds so monitoring can alert on impending expiry.

Log:

"TLS server certificate expiring in N days"
"TLS server certificate has EXPIRED"

INFO:

# TLS
tls_enabled:yes
tls_server_cert_expires_in_seconds:2592000

@YiwenZhang12 YiwenZhang12 changed the title Add Server Side ejbgcbbunritikuevujfudbcjujijkdricrjhcbetnrkTLS certificate expiry tracking and INFO telemetry Add Server Side TLS certificate expiry tracking and INFO telemetry Dec 5, 2025
@YiwenZhang12 YiwenZhang12 marked this pull request as draft December 5, 2025 00:34
@YiwenZhang12 YiwenZhang12 changed the title Add Server Side TLS certificate expiry tracking and INFO telemetry Add server side TLS certificate expiry tracking and INFO telemetry Dec 5, 2025
issue/2784
5534e39 
Signed-off-by: Yiwen Zhang <[email protected]>
@YiwenZhang12
Copy link
Author

YiwenZhang12 commented Dec 5, 2025
edited
Loading

Hi @zuiderkwast , since we discussed this in the issue, I wanted to share the PR here. This PR is still missing tests, before I add them, I wanted to check whether the overall approach looks correct to you. No rush at all, and happy to iterate based on your feedback. Thank you!

@YiwenZhang12 YiwenZhang12 marked this pull request as ready for review December 5, 2025 00:55
@YiwenZhang12 YiwenZhang12 mentioned this pull request Dec 5, 2025
Open
@YiwenZhang12
update comments
1ce7c35 
Signed-off-by: Yiwen Zhang <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@YiwenZhang12 YiwenZhang12

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@YiwenZhang12