feat: log when rpc certificate is going to expire in less then 90 day…

…s, log error when less then 14.
lart2150 · Apr 29, 2024 · 38ed319 · 38ed319
1 parent 7812270
commit 38ed319
Showing 1 changed file with 22 additions and 0 deletions.
diff --git a/src/com/tivo/kmttg/rpc/TiVoRPC.java b/src/com/tivo/kmttg/rpc/TiVoRPC.java
@@ -16,6 +16,12 @@
 import java.security.UnrecoverableKeyException;
 import java.security.cert.CertificateException;
 import java.security.cert.X509Certificate;
+import java.sql.Date;
+import java.text.SimpleDateFormat;
+import java.time.LocalDateTime;
+import java.time.ZoneId;
+import java.time.temporal.ChronoUnit;
+import java.time.temporal.Temporal;
 import java.util.Arrays;
 import java.util.Enumeration;
 import java.util.Random;
@@ -30,6 +36,7 @@
 
 import com.tivo.kmttg.JSON.JSONObject;
 import com.tivo.kmttg.util.GetKeyStore;
+import com.tivo.kmttg.util.log;
 
 /**
  * Establish an RPC connection route with a TiVo using the provided cdata files.
@@ -215,6 +222,21 @@ private final void createSocketFactory() {
            KeyStore keyStore = getKeyStore.getKeyStore();
            String keyPassword = getKeyStore.getKeyPassword();
 
+           Enumeration<String> aliases = keyStore.aliases();
+
+           while (aliases.hasMoreElements()) {
+              String alias = aliases.nextElement();
+              X509Certificate crt = (X509Certificate) keyStore.getCertificate(alias);
+              LocalDateTime notAfter = crt.getNotAfter().toInstant().atZone(ZoneId.systemDefault()).toLocalDateTime();
+
+              int expiresDays = (int) ChronoUnit.DAYS.between(LocalDateTime.now(), notAfter);
+              if (expiresDays < 14) {
+                 log.error("RPC Certificate expires in " + expiresDays + " days.");
+              } else if (expiresDays < 90) {
+                 log.warn("RPC Certificate expires in " + expiresDays + " days.");
+              }
+           }
+
            KeyManagerFactory fac = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            fac.init(keyStore, keyPassword.toCharArray());
            SSLContext context = SSLContext.getInstance("TLS");