diff --git a/server/prometheus.js b/server/prometheus.js
index 3e4767b3d..c27f87f04 100644
--- a/server/prometheus.js
+++ b/server/prometheus.js
@@ -59,7 +59,7 @@ class Prometheus {
}
try {
- monitor_cert_days_remaining.set(this.monitorLabelValues, tlsInfo.daysRemaining)
+ monitor_cert_days_remaining.set(this.monitorLabelValues, tlsInfo.certInfo.daysRemaining)
} catch (e) {
console.error(e)
}
diff --git a/server/util-server.js b/server/util-server.js
index 29e4b11fd..66c50d8c2 100644
--- a/server/util-server.js
+++ b/server/util-server.js
@@ -185,38 +185,42 @@ const getDaysRemaining = (validFrom, validTo) => {
return daysRemaining;
};
-exports.checkCertificate = function (res) {
- const {
- valid_from,
- valid_to,
- subjectaltname,
- issuer,
- fingerprint,
- } = res.request.res.socket.getPeerCertificate(false);
+// Fix certificate Info for display
+// param: info - the chain obtained from getPeerCertificate()
+const parseCertificateInfo = function (info) {
+ let link = info;
- if (!valid_from || !valid_to || !subjectaltname) {
- throw {
- message: "No TLS certificate in response",
- };
+ while (link) {
+ if (!link.valid_from || !link.valid_to) {
+ break;
+ }
+ link.validTo = new Date(link.valid_to);
+ link.validFor = link.subjectaltname?.replace(/DNS:|IP Address:/g, "").split(", ");
+ link.daysRemaining = getDaysRemaining(new Date(), link.validTo);
+
+ // Move up the chain until loop is encountered
+ if (link.issuerCertificate == null) {
+ break;
+ } else if (link.fingerprint == link.issuerCertificate.fingerprint) {
+ link.issuerCertificate = null;
+ break;
+ } else {
+ link = link.issuerCertificate;
+ }
}
+ return info;
+};
+
+exports.checkCertificate = function (res) {
+ const info = res.request.res.socket.getPeerCertificate(true);
const valid = res.request.res.socket.authorized || false;
- const validTo = new Date(valid_to);
-
- const validFor = subjectaltname
- .replace(/DNS:|IP Address:/g, "")
- .split(", ");
-
- const daysRemaining = getDaysRemaining(new Date(), validTo);
+ const parsedInfo = parseCertificateInfo(info);
return {
- valid,
- validFor,
- validTo,
- daysRemaining,
- issuer,
- fingerprint,
+ valid: valid,
+ certInfo: parsedInfo
};
};
diff --git a/src/components/CertificateInfo.vue b/src/components/CertificateInfo.vue
new file mode 100644
index 000000000..0b23c9520
--- /dev/null
+++ b/src/components/CertificateInfo.vue
@@ -0,0 +1,30 @@
+
+ {{ $t("Certificate Info") }}
+ {{ $t("Certificate Chain") }}:
+
+
+
+
+
+ Subject:
+ {{ formatSubject(cert.subject) }}
+
+
+ Valid To:
+
+
+
+ Days Remaining:
+ {{ cert.daysRemaining }}
+
+
+ Issuer:
+ {{ formatSubject(cert.issuer) }}
+
+
+
+ Fingerprint:
+ {{ cert.fingerprint }}
+
(
(
- Valid: - | -{{ certInfo.valid }} | -
- Valid To: - | -|
- Days Remaining: - | -{{ certInfo.daysRemaining }} | -
- Issuer: - | -{{ certInfo.issuer }} | -
- Fingerprint: - | -{{ certInfo.fingerprint }} | -