Added a new input plugin to check SSL certs

[egarbi]

Required for all PRs:

• CHANGELOG.md updated (we recommend not updating this until the PR has been approved by a maintainer)
• Sign CLA (if not already signed)
• README.md updated (if adding a new plugin)

[wcgcoder]

The README.md in this pull request for the plugin is incorrect. The example text for telegraf.conf should read:

# SSL request given a list of servers (server:port) and a timeout
[[inputs.check_ssl]]
  ## Servers ( Default [] )
  servers = ["github.com:443"]
  timeout = "5s"

... in order to fix the lack of quotes and the incorrect variable response_timeout.

I'd love to see this plugin in the main product! Please expedite! 👍

[egarbi]

@wcgcoder Thanks for your input, Readme has been fixed however checks are failing for an unrelated issue.

[wcgcoder]

Thanks so much. Looks like a problem from outside your plugin. Not sure why as I'm rather new to this, but I was able to manually add your plugin to commit 31a4f03 and build it successfully.

[okv]

Hi there.
Any news about this? I also need this functionality.

[danielnelson]

@okv We are using the github milestones to prioritize pull requests. When there is new information it will be reflected here.

[okv]

will be waiting for it, thanks for your information

[mcfedr]

Maybe a separate tool, but how nice would it be to integrate your SSL Labs score into this check? https://github.com/ssllabs/ssllabs-scan

[hardinw]

@danielnelson I know you said updates will be posted here, but i'm getting itchy to have this functionality in the official release. Any update on a potential release date?

[swestcott]

I've patched the error handling issue on a new branch (fe7235c) and signed the CLA. Does someone want to cherry-pick this or should I raise a new PR? It could be great to get this released with v1.4.

[danielnelson]

@egarbi Can you integrate the fix by @swestcott into your branch?

[danielnelson]

We shouldn't use a real site as an example, since I'm sure they wouldn't appreciate being polled by Telegraf, you can use example.org instead. Please do this throughout the pull request.

What about other protocols, should this start with tcp://? Then we could support udp and tcp6

[danielnelson]

Appears to be a float, you can format this like - time_to_expire (int, seconds).

What do you think about naming this expire_seconds or similar to indicate units?

[danielnelson]

I think we should run these concurrently.

[danielnelson]

I'm not sure about this, if there is an error it does not necessarily mean the cert is expired.

[danielnelson]

We should recommend that the user use a increased interval, since 10s default would be too small.

[danielnelson]

I'm not sure that ssl is the right name for this, maybe it should be x509 or cert?

[egarbi]

@danielnelson So, what exactly should I change? Everything? the directory, file names and the references to them?

[danielnelson]

Yeah, I think we need to change all of this.

[danielnelson]

Include the name of the server that caused this.

[antoinealb]

Since this PR is pretty stalled, what would be the best way to try to get it merged again ? Pick the patches, apply requested changes and open a new PR ?

[egarbi]

@antoinealb if you want to start from where I left, be my guest. This was my first go project ever and I don't really now have much time to spend on this.
Thanks

[russorat]

sounds like we should close this in favor of #3768 . Thoughts?