Metadata-Version: 2.4
Name: certguard
Version: 0.1.0
Summary: Check SSL certificate expiry from the command line
Project-URL: Homepage, https://github.com/hamzaplojovic/certguard
Project-URL: Repository, https://github.com/hamzaplojovic/certguard
Project-URL: Issues, https://github.com/hamzaplojovic/certguard/issues
Author-email: Hamza Plojovic <hamza@hamzaplojovic.com>
License-Expression: MIT
License-File: LICENSE
Keywords: certificate,cli,devops,expiry,ssl,tls
Classifier: Development Status :: 3 - Alpha
Classifier: Intended Audience :: Developers
Classifier: License :: OSI Approved :: MIT License
Classifier: Operating System :: OS Independent
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.12
Classifier: Programming Language :: Python :: 3.13
Classifier: Typing :: Typed
Requires-Python: >=3.12
Requires-Dist: rich>=13.0.0
Requires-Dist: typer>=0.12.0
Description-Content-Type: text/markdown

# certguard

Check SSL certificate expiry from the command line.

[![PyPI version](https://img.shields.io/pypi/v/certguard)](https://pypi.org/project/certguard/)
[![Downloads](https://static.pepy.tech/badge/certguard)](https://pepy.tech/project/certguard)
[![Python](https://img.shields.io/pypi/pyversions/certguard)](https://pypi.org/project/certguard/)
[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)

## Install

```bash
pip install certguard
```

```bash
uv tool install certguard
```

```bash
brew install hamzaplojovic/tap/certguard
```

## Usage

Check a single host:

```bash
certguard check example.com
```

Check multiple hosts at once:

```bash
certguard check example.com google.com github.com
```

Use a custom port:

```bash
certguard check example.com:8443
```

Read hosts from a file (one per line, comments with `#`):

```bash
certguard check --file hosts.txt
```

Output as JSON:

```bash
certguard check example.com --json
```

Set a custom warning threshold (default is 30 days):

```bash
certguard check example.com --warn-days 14
```

## Output

certguard prints a table with one row per host. Columns include the host, port, status, expiry date, days remaining, and certificate issuer.

Status is color-coded:
- **OK** (green) means the certificate is valid and not expiring soon.
- **EXPIRING** (yellow) means the certificate expires within the warning threshold.
- **EXPIRED** (red) means the certificate has already expired.
- **ERROR** (red) means the connection failed (DNS, timeout, refused, etc.).

The exit code is `0` if all certificates are valid and not expiring soon, or `1` if any certificate is expired, expiring, or unreachable.

## Options

| Option | Short | Description |
|---|---|---|
| `--file PATH` | `-f` | Read hosts from a file |
| `--json` | `-j` | Output results as JSON |
| `--warn-days N` | `-w` | Warning threshold in days (default: 30) |
| `--timeout N` | `-t` | Connection timeout in seconds (default: 10) |
| `--version` | `-V` | Show version and exit |

## Why I built this

I got tired of manually checking certificate expiry dates across a bunch of domains. I wanted a single command I could run (or throw into a cron job) that tells me which certs are about to expire so I can fix them before they cause downtime. certguard does that and nothing more.

## License

MIT
