Hex.pm Certificate expired Jul. 31 2025

You inspired me to cobble something together (it’s in Bash, sorry).

It’s a script that checks the certificate expiration date for a bunch of domains, then uses notify-send to send a notification for each domain that has a certificate that expires in 3 days or less. Then I made it run in a cronjob once per hour.

/home/user/scripts/network/cert-checker.sh

#!/bin/bash

# List of domains to check
DOMAINS="forum.elixirforum.com erlangforums.com hex.pm hexdocs.pm"

# # Log file (optional, for debugging)
# LOG_FILE="/tmp/cert_check.log"

for domain in $DOMAINS; do
  exp_date=$(echo | openssl s_client -connect $domain:443 -servername $domain 2>/dev/null | openssl x509 -noout -enddate | cut -d= -f2)
  
  # Check if we got a valid date
  if [ -n "$exp_date" ]; then
    exp_time=$(date -d "$exp_date" +%s) && 
    current_time=$(date +%s) && 
    diff_seconds=$((exp_time - current_time)) && 
    diff_days=$((diff_seconds / 86400)) && 
    diff_hours=$(((diff_seconds % 86400) / 3600)) && 
    if [ $diff_days -le 3 ] && [ $diff_days -ge 0 ]; then 
      notify-send "Certificate Alert" "$domain expires in $diff_days days and $diff_hours hours"
      # # Optional: log to file
      # echo "$(date): $domain expires in $diff_days days and $diff_hours hours" >> $LOG_FILE
    fi
  fi
done

Make it executable with chmod +x /path/to/script, then add it to a cronjob to check the certs once per hour:

0 * * * * DISPLAY=:0 /home/user/scripts/network/cert-checker.sh

Seems to be working so far.

I put this together with a lot of help from the new Qwen3-Coder model.