search

maelstrom-cms / odin

An open-source domain monitoring tool built using Maelstrom 🤖 Uptime Robot + 🧐 Oh Dear + 🧪 SSL Labs + ⏰ Cronitor + 🕵🏻‍♂️ DNS Spy
Mozilla Public License 2.0
460 stars 92 forks source link

Adding an "already expired" ssl site fails. #36

Open kwri-avongluck opened 4 years ago

kwri-avongluck commented 4 years ago 
2020-09-24 17:48:40] local.ERROR: Could not download certificate for host `XXX.XXX.com` because Could not connect to `XXX.XXX.com`. {"userId":1,"exception":"[object] (Spatie\\SslCe
rtificate\\Exceptions\\CouldNotDownloadCertificate\\UnknownError(code: 0): Could not download certificate for host `XXX.XXX.com` because Could not connect to `XXX.XXX.com`. at /home
/odin/odin/vendor/spatie/ssl-certificate/src/Exceptions/CouldNotDownloadCertificate.php:24)
[stacktrace]
#0 /home/odin/odin/vendor/spatie/ssl-certificate/src/Downloader.php(171): Spatie\\SslCertificate\\Exceptions\\CouldNotDownloadCertificate::unknownError()
#1 /home/odin/odin/vendor/spatie/ssl-certificate/src/Downloader.php(90): Spatie\\SslCertificate\\Downloader->fetchCertificates()
#2 /home/odin/odin/vendor/spatie/ssl-certificate/src/Downloader.php(120): Spatie\\SslCertificate\\Downloader->getCertificates()
#3 /home/odin/odin/vendor/spatie/ssl-certificate/src/Downloader.php(129): Spatie\\SslCertificate\\Downloader->forHost()
#4 /home/odin/odin/vendor/spatie/ssl-certificate/src/SslCertificate.php(31): Spatie\\SslCertificate\\Downloader::downloadCertificateFromUrl()
#5 /home/odin/odin/app/Checkers/Certificate.php(34): Spatie\\SslCertificate\\SslCertificate::createForHostName()
#6 /home/odin/odin/app/Checkers/Certificate.php(28): App\\Checkers\\Certificate->fetch()
#7 /home/odin/odin/app/Jobs/CertificateCheck.php(41): App\\Checkers\\Certificate->run()
#8 [internal function]: App\\Jobs\\CertificateCheck->handle()
#9 /home/odin/odin/vendor/laravel/framework/src/Illuminate/Container/BoundMethod.php(37): call_user_func_array()
#10 /home/odin/odin/vendor/laravel/framework/src/Illuminate/Container/Util.php(37): Illuminate\\Container\\BoundMethod::Illuminate\\Container\\{closure}()
#11 /home/odin/odin/vendor/laravel/framework/src/Illuminate/Container/BoundMethod.php(95): Illuminate\\Container\\Util::unwrapIfClosure()
#12 /home/odin/odin/vendor/laravel/framework/src/Illuminate/Container/BoundMethod.php(39): Illuminate\\Container\\BoundMethod::callBoundMethod()
#13 /home/odin/odin/vendor/laravel/framework/src/Illuminate/Container/Container.php(596): Illuminate\\Container\\BoundMethod::call()
#14 /home/odin/odin/vendor/laravel/framework/src/Illuminate/Bus/Dispatcher.php(94): Illuminate\\Container\\Container->call()
#15 /home/odin/odin/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(128): Illuminate\\Bus\\Dispatcher->Illuminate\\Bus\\{closure}()
#16 /home/odin/odin/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(103): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#17 /home/odin/odin/vendor/laravel/framework/src/Illuminate/Bus/Dispatcher.php(98): Illuminate\\Pipeline\\Pipeline->then()
#18 /home/odin/odin/vendor/laravel/framework/src/Illuminate/Foundation/Bus/Dispatchable.php(53): Illuminate\\Bus\\Dispatcher->dispatchNow()
#19 /home/odin/odin/app/Http/Controllers/CertificateReportController.php(21): App\\Jobs\\CertificateCheck::dispatchNow()
#20 [internal function]: App\\Http\\Controllers\\CertificateReportController->__invoke()
#21 /home/odin/odin/vendor/laravel/framework/src/Illuminate/Routing/Controller.php(54): call_user_func_array()
#22 /home/odin/odin/vendor/laravel/framework/src/Illuminate/Routing/ControllerDispatcher.php(45): Illuminate\\Routing\\Controller->callAction()
#23 /home/odin/odin/vendor/laravel/framework/src/Illuminate/Routing/Route.php(239): Illuminate\\Routing\\ControllerDispatcher->dispatch()
#24 /home/odin/odin/vendor/laravel/framework/src/Illuminate/Routing/Route.php(196): Illuminate\\Routing\\Route->runController()
#25 /home/odin/odin/vendor/laravel/framework/src/Illuminate/Routing/Router.php(685): Illuminate\\Routing\\Route->run()
#26 /home/odin/odin/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(128): Illuminate\\Routing\\Router->Illuminate\\Routing\\{closure}()
#27 /home/odin/odin/vendor/laravel/framework/src/Illuminate/Routing/Middleware/SubstituteBindings.php(41): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#28 /home/odin/odin/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\\Routing\\Middleware\\SubstituteBindings->handle()
#29 /home/odin/odin/vendor/laravel/framework/src/Illuminate/Auth/Middleware/Authenticate.php(44): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#30 /home/odin/odin/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\\Auth\\Middleware\\Authenticate->handle()
#31 /home/odin/odin/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/VerifyCsrfToken.php(77): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#32 /home/odin/odin/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\\Foundation\\Http\\Middleware\\VerifyCsrfToken->handle()
#33 /home/odin/odin/vendor/laravel/framework/src/Illuminate/View/Middleware/ShareErrorsFromSession.php(49): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#34 /home/odin/odin/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\\View\\Middleware\\ShareErrorsFromSession->handle()
#35 /home/odin/odin/vendor/laravel/framework/src/Illuminate/Session/Middleware/StartSession.php(116): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#36 /home/odin/odin/vendor/laravel/framework/src/Illuminate/Session/Middleware/StartSession.php(62): Illuminate\\Session\\Middleware\\StartSession->handleStatefulRequest()
#37 /home/odin/odin/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\\Session\\Middleware\\StartSession->handle()
#38 /home/odin/odin/vendor/laravel/framework/src/Illuminate/Cookie/Middleware/AddQueuedCookiesToResponse.php(37): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#39 /home/odin/odin/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\\Cookie\\Middleware\\AddQueuedCookiesToResponse->handle()
#40 /home/odin/odin/vendor/laravel/framework/src/Illuminate/Cookie/Middleware/EncryptCookies.php(67): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#41 /home/odin/odin/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\\Cookie\\Middleware\\EncryptCookies->handle()
#42 /home/odin/odin/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(103): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#43 /home/odin/odin/vendor/laravel/framework/src/Illuminate/Routing/Router.php(687): Illuminate\\Pipeline\\Pipeline->then()
#44 /home/odin/odin/vendor/laravel/framework/src/Illuminate/Routing/Router.php(662): Illuminate\\Routing\\Router->runRouteWithinStack()
#45 /home/odin/odin/vendor/laravel/framework/src/Illuminate/Routing/Router.php(628): Illuminate\\Routing\\Router->runRoute()
#46 /home/odin/odin/vendor/laravel/framework/src/Illuminate/Routing/Router.php(617): Illuminate\\Routing\\Router->dispatchToRoute()
#47 /home/odin/odin/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(165): Illuminate\\Routing\\Router->dispatch()
#48 /home/odin/odin/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(128): Illuminate\\Foundation\\Http\\Kernel->Illuminate\\Foundation\\Http\\{closure}()
#49 /home/odin/odin/vendor/barryvdh/laravel-debugbar/src/Middleware/InjectDebugbar.php(60): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#50 /home/odin/odin/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Barryvdh\\Debugbar\\Middleware\\InjectDebugbar->handle()
#51 /home/odin/odin/vendor/fideloper/proxy/src/TrustProxies.php(57): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#52 /home/odin/odin/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Fideloper\\Proxy\\TrustProxies->handle()
#53 /home/odin/odin/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/TransformsRequest.php(21): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#54 /home/odin/odin/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\\Foundation\\Http\\Middleware\\TransformsRequest->handle()
#55 /home/odin/odin/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/TransformsRequest.php(21): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#56 /home/odin/odin/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\\Foundation\\Http\\Middleware\\TransformsRequest->handle()
#57 /home/odin/odin/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/ValidatePostSize.php(27): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#58 /home/odin/odin/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\\Foundation\\Http\\Middleware\\ValidatePostSize->handle()
#59 /home/odin/odin/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/CheckForMaintenanceMode.php(63): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#60 /home/odin/odin/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\\Foundation\\Http\\Middleware\\CheckForMaintenanceMode->handle()
#61 /home/odin/odin/vendor/owenmelbz/domain-enforcement/src/DomainEnforcementAgency.php(34): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#62 /home/odin/odin/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): OwenMelbz\\DomainEnforcement\\DomainEnforcementAgency->handle()
#63 /home/odin/odin/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(103): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#64 /home/odin/odin/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(140): Illuminate\\Pipeline\\Pipeline->then()
#65 /home/odin/odin/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(109): Illuminate\\Foundation\\Http\\Kernel->sendRequestThroughRouter()
#66 /home/odin/odin/public/index.php(55): Illuminate\\Foundation\\Http\\Kernel->handle()
#67 {main}
"}
OwenMelbz commented 4 years ago

Hi,

This looks like it's related to the SSL package by Spatie spatie/ssl-certificate

Will give it a look when we get some time, or if you could submit a PR to fix it then can merge.

Thanks

kwri-avongluck commented 4 years ago

The issue appears to be due to "spatie/ssl-certificate" adding a "verify" flag to it's certificate downloader:

   public function withVerifyPeer(bool $verifyPeer)
    {
        $this->verifyPeer = $verifyPeer;

        return $this;
    }

    public function withVerifyPeerName(bool $verifyPeerName)
    {
        $this->verifyPeerName = $verifyPeerName;

        return $this;
    }

There's a bug about it here: https://github.com/spatie/ssl-certificate/issues/69

Here's the workaround:

diff --git a/app/Checkers/Certificate.php b/app/Checkers/Certificate.php
index bcbca87..058da18 100644
--- a/app/Checkers/Certificate.php
+++ b/app/Checkers/Certificate.php
@@ -31,7 +31,7 @@ class Certificate

     private function fetch()
     {
-        $certificate = SslCertificate::createForHostName($this->website->certificate_hostname);
+        $certificate = SslCertificate::download()->withVerifyPeer(false)->withVerifyPeerName(false)->forHost($this->website->certificate_hostname);

         $scan = new CertificateScan([
             'issuer' => $certificate->getIssuer(),
OwenMelbz commented 4 years ago

Hey @kwri-avongluck

Thanks for supplying the fix.

Are you able to provide a demo domain with an expired SSL so we can test our end please?

Thanks

laurensramandt commented 3 years ago

https://expired.badssl.com/