{ "id": "qWIjfDtJ5y0qTmq0", "name": "SSL Cert Monitor", "tags": [], "nodes": [ { "id": "2084a9a4-71b4-40ad-900a-150defc9f8c4", "name": "Sticky Note", "type": "n8n-nodes-base.stickyNote", "position": [ -624, -16 ], "parameters": { "width": 592, "height": 752, "content": "# SSL Cert Monitor\n\n\n## How it works\n\n1. Workflow triggers daily at 8 AM to check SSL certificate status.\n2. Domain list is fetched from Google Sheets for processing.\n3. SSL certificates are verified and checked for validity and expiration.\n4. Initial filtering removes non-alerting domains and classifies severity levels.\n5. Alerts are sent to Slack, while critical alerts are escalated to Linear issue tracking and logged.\n\n\n## Setup steps\n\n- [ ] Configure the schedule trigger to run at 8 AM in your desired timezone\n- [ ] Connect Google Sheets and authorize access to read the domains list\n- [ ] Set up SSL certificate checking logic in the code node (valid certificate paths, expiration thresholds)\n- [ ] Configure Slack webhook or bot token for the #ssl-alerts channel\n- [ ] Set up Linear API credentials for creating automated issue tickets\n- [ ] Configure the logging Google Sheet for audit trail storage\n- [ ] Define severity classification rules and alert filtering thresholds in code nodes\n\n\n## Customization\n\nAdjust the time threshold in the filter alert node to change which certificate expiration windows trigger escalation. Modify severity classification rules based on your organization's risk tolerance. Customize Slack message formatting and Linear issue templates." }, "typeVersion": 1 }, { "id": "92bbf5ba-ac0b-46f4-8302-2c7fa2d71b07", "name": "Sticky Note1", "type": "n8n-nodes-base.stickyNote", "position": [ 48, -16 ], "parameters": { "color": 7, "width": 720, "height": 304, "content": "## Trigger and data collection\n\nDaily schedule trigger fetches domain list from Google Sheets and initiates SSL certificate checking routine." }, "typeVersion": 1 }, { "id": "ad334b27-931f-4848-8a50-adf3def173b9", "name": "Sticky Note2", "type": "n8n-nodes-base.stickyNote", "position": [ 48, 320 ], "parameters": { "color": 7, "width": 480, "height": 320, "content": "## Alert filtering and classification\n\nFilters SSL check results to identify alert conditions and classifies them by severity level for appropriate routing." }, "typeVersion": 1 }, { "id": "b2b0d8a6-9542-41ba-ad14-53e12f2d9820", "name": "Sticky Note3", "type": "n8n-nodes-base.stickyNote", "position": [ 800, 192 ], "parameters": { "color": 7, "height": 336, "content": "## Slack notifications\n\nSends classified SSL alerts to the #ssl-alerts Slack channel for team visibility." }, "typeVersion": 1 }, { "id": "6e2fdadf-e25c-4191-a1aa-3dfef8bfd8ac", "name": "Sticky Note4", "type": "n8n-nodes-base.stickyNote", "position": [ 1072, 256 ], "parameters": { "color": 7, "width": 608, "height": 512, "content": "## Critical alert escalation\n\nRoutes critical alerts to Linear issue tracker and appends details to audit log in Google Sheets." }, "typeVersion": 1 }, { "id": "0b0278e9-e7e1-4b71-b1fc-862ba750ebd6", "name": "Every Day at 8 AM", "type": "n8n-nodes-base.scheduleTrigger", "position": [ 96, 112 ], "parameters": { "rule": { "interval": [ { "field": "cronExpression", "expression": "0 8 * * *" } ] } }, "typeVersion": 1.3 }, { "id": "9b435ef1-2112-4bed-be6c-a1b2fb117046", "name": "Check SSL Certificate Expiry", "type": "n8n-nodes-base.code", "position": [ 624, 112 ], "parameters": { "jsCode": "const tls = require('tls');\nconst results = [];\n\nfor (const item of $input.all()) {\n const { domain, environment, owner, team, added_on } = item.json;\n\n try {\n const certInfo = await new Promise((resolve, reject) => {\n const socket = tls.connect(\n {\n host: domain,\n port: 443,\n rejectUnauthorized: false,\n timeout: 10000,\n servername: domain\n },\n () => {\n const cert = socket.getPeerCertificate();\n socket.destroy();\n\n if (!cert || !cert.valid_to) {\n return reject(new Error('No certificate found'));\n }\n\n const expiryDate = new Date(cert.valid_to);\n const daysLeft = Math.floor((expiryDate - new Date()) / 86400000);\n\n resolve({\n domain,\n environment: environment || null,\n owner: owner || null,\n team: team || null,\n added_on: added_on || null,\n days_left: daysLeft,\n expiry_date: expiryDate.toISOString().split('T')[0],\n issuer: cert.issuer?.O || cert.issuer?.CN || 'Unknown',\n error: null\n });\n }\n );\n\n socket.on('error', reject);\n socket.on('timeout', () => {\n socket.destroy();\n reject(new Error('Connection timed out'));\n });\n });\n\n results.push({ json: certInfo });\n\n } catch (err) {\n results.push({\n json: {\n domain,\n environment: environment || null,\n owner: owner || null,\n team: team || null,\n added_on: added_on || null,\n days_left: null,\n expiry_date: null,\n issuer: null,\n error: err.message\n }\n });\n }\n}\n\nreturn results;" }, "typeVersion": 2 }, { "id": "2cf6aa1f-d35f-4450-bd5e-636bdde2d913", "name": "Read Domains from Sheets", "type": "n8n-nodes-base.googleSheets", "position": [ 384, 112 ], "parameters": { "options": {}, "filtersUI": { "values": [] }, "sheetName": { "__rl": true, "mode": "list", "value": "gid=0", "cachedResultUrl": "https://docs.google.com/spreadsheets/d/1aVLaF711Un6KVPbRfiyJqZxa1m-VsNvovuz2cP0_or8/edit#gid=0", "cachedResultName": "domains" }, "documentId": { "__rl": true, "mode": "list", "value": "1aVLaF711Un6KVPbRfiyJqZxa1m-VsNvovuz2cP0_or8", "cachedResultUrl": "https://docs.google.com/spreadsheets/d/1aVLaF711Un6KVPbRfiyJqZxa1m-VsNvovuz2cP0_or8/edit?usp=drivesdk", "cachedResultName": "SSL cert monitor" } }, "typeVersion": 4.7 }, { "id": "aeea2b9a-bd28-4702-90d2-d442491a5b1d", "name": "Classify Alert Severity", "type": "n8n-nodes-base.code", "position": [ 384, 480 ], "parameters": { "jsCode": "const runId = new Date().toISOString();\nconst today = new Date().toLocaleDateString('en-GB', {\n weekday: 'long', day: 'numeric', month: 'long', year: 'numeric'\n});\n\nconst classified = $input.all().map(item => {\n const d = item.json;\n let severity;\n\n if (d.error !== null || d.days_left === null) {\n severity = 'error';\n } else if (d.days_left < 0) {\n severity = 'expired';\n } else if (d.days_left <= 7) {\n severity = 'critical';\n } else if (d.days_left <= 15) {\n severity = 'warning';\n } else if (d.days_left <= 30) {\n severity = 'notice';\n } else {\n severity = 'healthy';\n }\n\n return {\n timestamp: runId,\n domain: d.domain,\n days_left: d.days_left,\n severity,\n expiry_date: d.expiry_date,\n issuer: d.issuer,\n jira_ticket: null,\n run_id: runId,\n environment: d.environment,\n owner: d.owner,\n team: d.team,\n error: d.error\n };\n});\n\nconst expired = classified.filter(d => d.severity === 'expired');\nconst error = classified.filter(d => d.severity === 'error');\nconst critical = classified.filter(d => d.severity === 'critical');\nconst warning = classified.filter(d => d.severity === 'warning');\nconst notice = classified.filter(d => d.severity === 'notice');\n\nconst wrapCode = (rows) => '```' + '\\n' + rows.join('\\n') + '\\n' + '```';\n\nconst total = $input.first().json._total_domains;\n\nconst lines = [\n `*SSL Certificate Monitor \u00b7 ${new Date().toLocaleDateString('en-GB', { weekday: 'short', day: 'numeric', month: 'short', year: 'numeric' })}*`,\n `${total} domains checked \u00b7 ${expired.length + error.length} expired \u00b7 ${critical.length} critical \u00b7 ${warning.length} warning \u00b7 ${notice.length} notice`,\n];\n\nif (expired.length) {\n lines.push('');\n lines.push('*Expired*');\n lines.push(wrapCode(expired.map(d =>\n `${d.domain.padEnd(35)} ${d.environment.padEnd(12)} ${d.expiry_date} ${Math.abs(d.days_left)}d overdue`\n )));\n}\n\nif (error.length) {\n lines.push('');\n lines.push('*Check Failed*');\n lines.push(wrapCode(error.map(d =>\n `${d.domain.padEnd(35)} ${d.environment.padEnd(12)} unreachable`\n )));\n}\n\nif (critical.length) {\n lines.push('');\n lines.push('*Critical*');\n lines.push(wrapCode(critical.map(d =>\n `${d.domain.padEnd(35)} ${d.environment.padEnd(12)} ${d.expiry_date} ${d.days_left}d remaining`\n )));\n}\n\nif (warning.length) {\n lines.push('');\n lines.push('*Warning*');\n lines.push(wrapCode(warning.map(d =>\n `${d.domain.padEnd(35)} ${d.environment.padEnd(12)} ${d.expiry_date} ${d.days_left}d remaining`\n )));\n}\n\nif (notice.length) {\n lines.push('');\n lines.push('*Notice*');\n lines.push(wrapCode(notice.map(d =>\n `${d.domain.padEnd(35)} ${d.environment.padEnd(12)} ${d.expiry_date} ${d.days_left}d remaining`\n )));\n}\n\nreturn [\n { json: { slackMessage: lines.join('\\n'), _output: 'slack' } },\n ...classified.map(d => ({ json: { ...d, _output: 'log' } }))\n];" }, "typeVersion": 2 }, { "id": "84b752e3-467d-47db-bd99-0ee7bcedc2e1", "name": "Post Alert to Slack", "type": "n8n-nodes-base.slack", "position": [ 848, 368 ], "parameters": { "text": "={{ $json.slackMessage }}", "select": "channel", "channelId": { "__rl": true, "mode": "list", "value": "C08ULTYPMA4", "cachedResultName": "all-lets-automate" }, "otherOptions": { "includeLinkToWorkflow": false }, "authentication": "oAuth2" }, "executeOnce": true, "typeVersion": 2.4 }, { "id": "b274e41c-2a05-4d54-afab-3081d6ac6a5b", "name": "Filter Expiring Certs", "type": "n8n-nodes-base.code", "position": [ 96, 480 ], "parameters": { "jsCode": "const all = $input.all();\nconst total = all.length;\n\nreturn all\n .filter(item => {\n const d = item.json;\n if (d.error !== null) return true;\n if (d.days_left === null) return true;\n if (d.days_left <= 30) return true;\n return false;\n })\n .map(item => ({\n json: { ...item.json, _total_domains: total }\n }));" }, "typeVersion": 2 }, { "id": "74d4e402-8799-4f8b-b2a6-70e8236303d5", "name": "Append Alert Log to Sheets", "type": "n8n-nodes-base.googleSheets", "position": [ 1536, 592 ], "parameters": { "columns": { "value": { "days": "={{ $json.days_left }}", "domain": "={{ $('Filter High Priority Alerts').item.json.domain }}", "issuer": "={{ $('Filter High Priority Alerts').item.json.issuer }}", "run_id": "={{ $('Filter High Priority Alerts').item.json.run_id }}", "severity": "={{ $('Filter High Priority Alerts').item.json.severity }}", "timestamp": "={{ $('Classify Alert Severity').item.json.timestamp }}", "expiry_date": "={{ $('Filter High Priority Alerts').item.json.expiry_date }}" }, "schema": [ { "id": "timestamp", "type": "string", "display": true, "required": false, "displayName": "timestamp", "defaultMatch": false, "canBeUsedToMatch": true }, { "id": "domain", "type": "string", "display": true, "removed": false, "required": false, "displayName": "domain", "defaultMatch": false, "canBeUsedToMatch": true }, { "id": "days", "type": "string", "display": true, "removed": false, "required": false, "displayName": "days", "defaultMatch": false, "canBeUsedToMatch": true }, { "id": "severity", "type": "string", "display": true, "required": false, "displayName": "severity", "defaultMatch": false, "canBeUsedToMatch": true }, { "id": "expiry_date", "type": "string", "display": true, "required": false, "displayName": "expiry_date", "defaultMatch": false, "canBeUsedToMatch": true }, { "id": "issuer", "type": "string", "display": true, "required": false, "displayName": "issuer", "defaultMatch": false, "canBeUsedToMatch": true }, { "id": "run_id", "type": "string", "display": true, "required": false, "displayName": "run_id", "defaultMatch": false, "canBeUsedToMatch": true } ], "mappingMode": "defineBelow", "matchingColumns": [ "domain" ], "attemptToConvertTypes": false, "convertFieldsToString": false }, "options": {}, "operation": "appendOrUpdate", "sheetName": { "__rl": true, "mode": "list", "value": 2074436468, "cachedResultUrl": "https://docs.google.com/spreadsheets/d/1aVLaF711Un6KVPbRfiyJqZxa1m-VsNvovuz2cP0_or8/edit#gid=2074436468", "cachedResultName": "logs" }, "documentId": { "__rl": true, "mode": "list", "value": "1aVLaF711Un6KVPbRfiyJqZxa1m-VsNvovuz2cP0_or8", "cachedResultUrl": "https://docs.google.com/spreadsheets/d/1aVLaF711Un6KVPbRfiyJqZxa1m-VsNvovuz2cP0_or8/edit?usp=drivesdk", "cachedResultName": "SSL cert monitor" } }, "typeVersion": 4.7 }, { "id": "3e5caa83-8d60-41ce-b293-299e87689f89", "name": "Create Issue in Linear", "type": "n8n-nodes-base.linear", "position": [ 1536, 384 ], "parameters": { "title": "=[SSL] {{ $json.domain }} \u2014 {{ $json.severity.toUpperCase() }} \u2014 {{ $json.days_left < 0 ? Math.abs($json.days_left) + 'd overdue' : $json.days_left + 'd remaining' }}", "teamId": "acbf102c-b6aa-4466-aca0-01a25dc76cc3", "authentication": "oAuth2", "additionalFields": { "description": "=**Domain:** {{ $json.domain }}\n**Environment:** {{ $json.environment }}\n**Severity:** {{ $json.severity.toUpperCase() }}\n**Expiry date:** {{ $json.expiry_date }}\n**Issuer:** {{ $json.issuer }}\n**Owner:** {{ $json.owner }}\n**Team:** {{ $json.team }}\n**Run ID:** {{ $json.run_id }}" } }, "typeVersion": 1.1 }, { "id": "74684a64-075b-42f1-bb09-484a45671918", "name": "Filter High Priority Alerts", "type": "n8n-nodes-base.code", "position": [ 1120, 592 ], "parameters": { "jsCode": "return $input.all().filter(item => {\n const d = item.json;\n return d._output === 'log' && (d.severity === 'expired' || d.severity === 'critical');\n});" }, "typeVersion": 2 } ], "active": false, "settings": { "binaryMode": "separate", "executionOrder": "v1" }, "versionId": "47faf5d2-54b1-4098-9e71-e9ca51027996", "connections": { "Every Day at 8 AM": { "main": [ [ { "node": "Read Domains from Sheets", "type": "main", "index": 0 } ] ] }, "Filter Expiring Certs": { "main": [ [ { "node": "Classify Alert Severity", "type": "main", "index": 0 } ] ] }, "Classify Alert Severity": { "main": [ [ { "node": "Post Alert to Slack", "type": "main", "index": 0 }, { "node": "Filter High Priority Alerts", "type": "main", "index": 0 } ] ] }, "Read Domains from Sheets": { "main": [ [ { "node": "Check SSL Certificate Expiry", "type": "main", "index": 0 } ] ] }, "Filter High Priority Alerts": { "main": [ [ { "node": "Create Issue in Linear", "type": "main", "index": 0 }, { "node": "Append Alert Log to Sheets", "type": "main", "index": 0 } ] ] }, "Check SSL Certificate Expiry": { "main": [ [ { "node": "Filter Expiring Certs", "type": "main", "index": 0 } ] ] } } }