2019-07-08 18:01:36 +00:00
parent 021199a2f4
commit c95b421924
3 changed files with 52 additions and 1 deletions
--- a/util/OpsDiagnostics.cs
+++ b/util/OpsDiagnostics.cs
@@ -4,6 +4,10 @@ using System.Linq;
 using System.Net.Http;
 using Amazon.S3;

+//for ssl certs
+using System.Security.Cryptography.X509Certificates;
+using System.Threading.Tasks;
+
 namespace rockfishCore.Util
 {
    public static class OpsDiagnostics
@@ -36,6 +40,49 @@ namespace rockfishCore.Util
        }


+        /// <summary>
+        /// check if an ssl cert is within 10 days of expiry
+        /// </summary>
+        /// <param name="url"></param>
+        /// <returns></returns>
+        public static bool IsSSLCertAboutToExpire(string url)
+        {
+            var expires = GetServerCertificateExpiryAsync(url).Result;
+            //In 10 days will we be past the expiry date
+            var deadline = DateTime.Now.AddDays(10);
+            if (expires < deadline)
+            {
+                return true;
+            }
+
+            return false;
+        }
+
+
+
+        static async Task<DateTime> GetServerCertificateExpiryAsync(string url)
+        {
+            DateTime ret = DateTime.MinValue;
+            var httpClientHandler = new HttpClientHandler
+            {
+                ServerCertificateCustomValidationCallback = (_, cert, __, ___) =>
+                {
+                    ret = cert.NotAfter;
+                    return true;
+                }
+            };
+
+            var httpClient = new HttpClient(httpClientHandler);
+            await httpClient.SendAsync(new HttpRequestMessage(HttpMethod.Head, url));
+
+            return ret;
+        }
+
+
+
+
+
+
        public static List<string> GetFileListFromSpacesBackupStorage()
        {
            AmazonS3Config ClientConfig = new AmazonS3Config();
--- a/util/RfMail.cs
+++ b/util/RfMail.cs
@@ -766,6 +766,9 @@ namespace rockfishCore.Util
            {
                // Accept all SSL certificates
                client.ServerCertificateValidationCallback = (s, c, h, e) => true;
+                //case 3667 fix for intermittent cert issue hopefully
+                //https://github.com/jstedfast/MailKit/issues/515#issuecomment-439438242
+                client.CheckCertificateRevocation = false;
                //client.Connect(MAIL_IMAP_ADDRESS, MAIL_IMAP_PORT, true);
                if (mirrorServer)
                    client.Connect(MAIL_MIRROR_IMAP_ADDRESS, MAIL_IMAP_PORT);