CER certificate not scanned

[frank-afa]

Binary certificate with extension ".cer" is not read by node-cert-exporter and not shown in export or Grafana

run "/usr/local/bin/node-cert-exporter-linux-amd64 --path=/data/ssl/certs"

Expected resut : certificate shown in output

Would be good to have som logging when issues appear.

Version: 1.0.0 Commit: 437ae633d29ae9ac1f2aa41611d26f6426880ce4 Branch: HEAD GoVersion: 1.12

(paste your output here)

Centos 7

[amimof]

@frank-afa Thanks for reporting. Currently node-cert-exporter only supports PEM encoding. But I can definitely see a use case for adding binary encoding support. I'll keep this issue open meanwhile.

[frank-afa]

Hi AMri, Thanks for response. I was just wondering because in the sources, I can see an addition in extensions (.pfx and .cer ) being binary formats. Would be great to have it for cer files. Pfx files , I assume, will not be possible because you have to have the password , right ? /Frank

Från: Amir Mofasser notifications@github.com Skickat: den 28 augusti 2020 08:09 Till: amimof/node-cert-exporter node-cert-exporter@noreply.github.com Kopia: Baumfalk Frank Frank.Baumfalk@afaforsakring.se; Mention mention@noreply.github.com Ämne: Re: [amimof/node-cert-exporter] CER certificate not scanned (#39)

@frank-afahttps://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Ffrank-afa&data=02%7C01%7Cfrank.baumfalk%40afaforsakring.se%7Cabdd8098ab87424f1faf08d84b18dfc2%7C1063e17f0bdd44f19b478a99cc3d9e5c%7C1%7C0%7C637341917493128411&sdata=zF0Lcqt9lqOEEVUaECLIQvyV7RwscmH8oV2vrr6Mk40%3D&reserved=0 Thanks for reporting. Currently node-cert-exporter only supports PEM encoding. But I can definitely see a use case for adding binary encoding support. I'll keep this issue open meanwhile.

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHubhttps://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Famimof%2Fnode-cert-exporter%2Fissues%2F39%23issuecomment-682345054&data=02%7C01%7Cfrank.baumfalk%40afaforsakring.se%7Cabdd8098ab87424f1faf08d84b18dfc2%7C1063e17f0bdd44f19b478a99cc3d9e5c%7C1%7C0%7C637341917493133399&sdata=EgkOm183aZtMET1oLb7v4l88wtdH9UgcLI23QMeIfw0%3D&reserved=0, or unsubscribehttps://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fnotifications%2Funsubscribe-auth%2FAQSL3D2QRC5TFJRK66RJWXTSC5CYDANCNFSM4QKOU6EQ&data=02%7C01%7Cfrank.baumfalk%40afaforsakring.se%7Cabdd8098ab87424f1faf08d84b18dfc2%7C1063e17f0bdd44f19b478a99cc3d9e5c%7C1%7C0%7C637341917493133399&sdata=eu44NhCbd6xrm%2Bd8N7jCekwo6X5U6zW8i4MavvblNIY%3D&reserved=0.

[amimof]

@frank-afa The file extensions don't have anything to do with the content, in this context. node-cert-exporter assumes pem-encoding for all those exentions. So we need to add binary encoding support to the project.

[rbeherar]

so does this mean the code doesn't support the .pfx and only supports extensions of .pem only. Also do we need to export all the certificates in the .pem or .crt? please could you help on this as I've been using this to monitor the certificates on a tomcat host.

[amimof]

As I said, it only supports the PEM-encoding format. Anyway there is a PR that introduces --include-glob and --exclude-glob flags. So extensions are no longer hard-coded and you can use whatever pattern you want. I would greatly appreciate it if you could build a binary of that commit and test it.

https://github.com/amimof/node-cert-exporter/pull/51

[rbeherar]

I will give a shot at this latest update. Will download and use the binary and test it out. If we use any jks file as it needs a password it will not work. May be we have to convert it into . pem format and then we have to read it

[amimof]

Latest version has these new parameters which solves this issue. Please reopen if problem persists.