How to Find Expiry of SSL Certificates using Command line (certok) using Docker?

certok (cert ok) is a command-line tool that can quickly give you information related to SSL certificates.

If you have go – you can simply install certok inside the system by following command:

go get github.com/genuinetools/certok

Using Docker

I have created a docker image which can be used in place of go tool which is only 11mb in size.

Simply use it like following:

docker run --rm -it -v $(pwd):/app --user $(id -u):$(id -g) varunbatrait/certok:latest

Add it as alias: You can add the following line to your .zshrc file or .bashrc file.

alias certok='docker run --rm -it -v $(pwd):/app --user $(id -u):$(id -g) varunbatrait/certok:latest'

Usage with certok as Docker

Provided that you have added an alias you can use it like following

Create a hostsfile (or any file) with domains

webapplicationconsultant.com
varunbatra.com

Now run dockerized certok using certok

certok hostsfile
// One with Warning
certok --days=50 hostsfile

Sample output

NAME                              SUBJECT                         ISSUER                      ALGO                EXPIRES             SUNSET DATE         ERROR
varunbatra.com:443                *.varunbatra.com                Let's Encrypt Authority X3  SHA256-RSA          81 days                                 
webapplicationconsultant.com:443  *.webapplicationconsultant.com  Let's Encrypt Authority X3  SHA256-RSA          48 days                                 

Worth Sharing?

Dockerized Tor Browsing without Logs

Tor Project is the most popular browser to access internet in complete anonymity. There is a VPN alternative for the tor, However, I am concerned with finishing off as soon as I am done with the browsing.

I have written a one-liner which has no logging and it removes itself

sudo docker run -it  --log-driver none  --rm -e DISPLAY=$DISPLAY -v /tmp/.X11-unix:/tmp/.X11-unix:ro --entrypoint="/usr/local/bin/Browser/start-tor-browser" jess/tor-browser

–rm tells the docker to clean up the container once it is exit.

–log-driver none gives no logging while it is running.

–entrypoint disables the stdout

You can add an alias in your bashrc or zshrc file as following and access it with tor

alias tor='sudo docker run -it  --log-driver none  --rm -e DISPLAY=$DISPLAY -v /tmp/.X11-unix:/tmp/.X11-unix:ro --entrypoint="/usr/local/bin/Browser/start-tor-browser" jess/tor-browser'

Worth Sharing?

How to limit the docker log size?

Have you given a surprise after a month or two that all the space in your server is filled with docker logs? Do you know that if you don’t control the size of the log, it will also impact running containers?

These two problems can be resolved easily by configuring the docker container. It is preferred that you control each log size separately because some logs you don’t need much while some you do.

For instance, in case of Nginx/Apache you might want to keep more logs while for some less relevant applications like emailing, you might want to keep logs for only a few days.

version: "3.8"
services:
  nginx:
    image: nginx
    logging:
      driver: "json-file"
      options:
        max-size: "20m"
        max-file: "30"

This will ensure that at max, you will have 30 files and each file size will be a maximum of 20 megabytes. You can use 20k for kilobytes

Worth Sharing?