sonar-check-cert-batch
Check SSL certificates for dst_ip:dst_port combinations from input records with LRU caching
sonar-check-cert-batch [timeout=NUM{m|s}] [cache-size=CACHE-SIZE]
- timeout=NUM{m|s}
- Connection timeout in seconds (default: 10)
- cache-size=CACHE-SIZE
- Maximum number of cached certificate results (default: 1000)
Output Fields
| Field | Type | Name | Description |
|---|---|---|---|
| cert_error | String | Error | Error message if check failed |
| cert_subject | String | Certificate subject | Certificate subject DN |
| cert_issuer | String | Certificate issuer | Certificate issuer DN |
| cert_san_domains | String | SAN domains | Subject Alternative Names |
| cert_is_trusted | Bool | Is trusted | Whether certificate is trusted by JDK trust store |
| cert_is_expired | Bool | Is expired | Whether certificate is expired |
| cert_not_before | Date | Valid from | Certificate valid from date |
| cert_not_after | Date | Valid until | Certificate expiration date |
| cert_days_remaining | Long | Days remaining | Days until expiration |
| cert_key_algorithm | String | Key algorithm | Public key algorithm |
| cert_signature_algorithm | String | Signature algorithm | Certificate signature algorithm |
| cert_key_size | Integer | Key size | Key size in bits |
| cert_chain_length | Integer | Chain length | Certificate chain length |
| cert_serial_number | String | Serial number | Certificate serial number |
| cert_cached | Bool | Cached | Whether result was from cache |