SourCerts

A proof of concept to ascertain the feasibility of using eBPF to monitor TLS certificate expirations. This test uses a uretprobe on OpenSSL's libssl to introspect the certificate of any application using libssl and making a call to SSL_get_peer_certificate.

Build

make build

Run

sudo ./sourcerts
./tests/https_get.rb

Example Probe Data

Pid: 1322867
    notBefore:  2021-05-24 03:58:34 +0000 UTC
    notAfter:   2021-08-16 03:58:33 +0000 UTC
    Subject:    US, California, Mountain View, Google LLC, www.google.com
    Issuer:     US, Google Trust Services, GTS CA 1O1

Name		Name	Last commit message	Last commit date
Latest commit History 33 Commits
cmd/sourcerts		cmd/sourcerts
include/openssl/sc_openssl		include/openssl/sc_openssl
java		java
openssl		openssl
tests		tests
vendor		vendor
.gitignore		.gitignore
LICENSE		LICENSE
Makefile		Makefile
README.md		README.md
compile_flags.txt		compile_flags.txt
go.mod		go.mod
go.sum		go.sum
sourcerts.bpf.c		sourcerts.bpf.c

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

SourCerts

Build

Run

Example Probe Data

About

Releases

Packages

Contributors 2

Languages

License

lollipopman/sourcerts

Folders and files

Latest commit

History

Repository files navigation

SourCerts

Build

Run

Example Probe Data

About

Resources

License

Stars

Watchers

Forks

Releases

Packages 0

Contributors 2

Languages

Packages