in hertzbeat-collector/hertzbeat-collector-basic/src/main/java/org/apache/hertzbeat/collector/collect/http/SslCertificateCollectImpl.java [70:166]
public void collect(CollectRep.MetricsData.Builder builder,
Metrics metrics) {
long startTime = System.currentTimeMillis();
HttpProtocol httpProtocol = metrics.getHttp();
String url = httpProtocol.getUrl();
if (!StringUtils.hasText(url) || !url.startsWith(RIGHT_DASH)) {
httpProtocol.setUrl(StringUtils.hasText(url) ? RIGHT_DASH + url.trim() : RIGHT_DASH);
}
HttpsURLConnection urlConnection = null;
try {
String uri = "";
if (IpDomainUtil.isHasSchema(httpProtocol.getHost())) {
uri = httpProtocol.getHost() + ":" + httpProtocol.getPort();
} else {
uri = "https://" + httpProtocol.getHost() + ":" + httpProtocol.getPort();
}
urlConnection = (HttpsURLConnection) new URL(uri).openConnection();
boolean verifySsl = Boolean.parseBoolean(httpProtocol.getSsl());
// ignore ssl verify
if (!verifySsl){
SSLContext ignoreSslContext = createIgnoreVerifySslContext();
urlConnection.setSSLSocketFactory(ignoreSslContext.getSocketFactory());
}
urlConnection.connect();
Certificate[] certificates = urlConnection.getServerCertificates();
if (certificates == null || certificates.length == 0) {
builder.setCode(CollectRep.Code.FAIL);
builder.setMsg("Ssl certificate does not exist.");
return;
}
long responseTime = System.currentTimeMillis() - startTime;
for (Certificate certificate : urlConnection.getServerCertificates()) {
X509Certificate x509Certificate = (X509Certificate) certificate;
Date now = new Date();
Date deadline = x509Certificate.getNotAfter();
boolean expired = deadline != null && now.after(deadline);
CollectRep.ValueRow.Builder valueRowBuilder = CollectRep.ValueRow.newBuilder();
for (String alias : metrics.getAliasFields()) {
if (CollectorConstants.RESPONSE_TIME.equalsIgnoreCase(alias)) {
valueRowBuilder.addColumn(Long.toString(responseTime));
} else if (NAME_SUBJECT.equalsIgnoreCase(alias)) {
valueRowBuilder.addColumn(x509Certificate.getSubjectX500Principal().getName());
} else if (NAME_EXPIRED.equalsIgnoreCase(alias)) {
valueRowBuilder.addColumn(Boolean.toString(expired));
} else if (NAME_START_TIME.equalsIgnoreCase(alias)) {
valueRowBuilder.addColumn(x509Certificate.getNotBefore().toLocaleString());
} else if (NAME_START_TIMESTAMP.equalsIgnoreCase(alias)) {
valueRowBuilder.addColumn(String.valueOf(x509Certificate.getNotBefore().getTime()));
} else if (NAME_END_TIME.equalsIgnoreCase(alias)) {
valueRowBuilder.addColumn(x509Certificate.getNotAfter().toLocaleString());
} else if (NAME_END_TIMESTAMP.equalsIgnoreCase(alias)) {
valueRowBuilder.addColumn(String.valueOf(x509Certificate.getNotAfter().getTime()));
} else {
valueRowBuilder.addColumn(CommonConstants.NULL_VALUE);
}
}
builder.addValueRow(valueRowBuilder.build());
}
} catch (SSLPeerUnverifiedException e1) {
String errorMsg = "Ssl certificate does not exist.";
if (e1.getMessage() != null) {
errorMsg = e1.getMessage();
log.error(errorMsg);
}
builder.setCode(CollectRep.Code.FAIL);
builder.setMsg(errorMsg);
} catch (UnknownHostException e2) {
String errorMsg = CommonUtil.getMessageFromThrowable(e2);
log.info(errorMsg);
builder.setCode(CollectRep.Code.UN_REACHABLE);
builder.setMsg("unknown host:" + errorMsg);
} catch (InterruptedIOException | ConnectException | SSLException e3) {
String errorMsg = CommonUtil.getMessageFromThrowable(e3);
log.info(errorMsg);
builder.setCode(CollectRep.Code.UN_CONNECTABLE);
builder.setMsg(errorMsg);
} catch (IOException e4) {
String errorMsg = CommonUtil.getMessageFromThrowable(e4);
log.info(errorMsg);
builder.setCode(CollectRep.Code.FAIL);
builder.setMsg(errorMsg);
} catch (Exception e) {
String errorMsg = CommonUtil.getMessageFromThrowable(e);
log.error(errorMsg, e);
builder.setCode(CollectRep.Code.FAIL);
builder.setMsg(errorMsg);
} finally {
if (urlConnection != null) {
urlConnection.disconnect();
}
}
}