Monitor PKI certificates & CRLs for expiration with Telegram & SMS alerts
PKI Certificate & CRL Monitor - Auto Expiration Alert System Overview This n8n workflow provides automated monitoring of Public Key Infrastructure (PKI) components including CA certificates, Certificate Revocation Lis...
Template notes
PKI Certificate & CRL Monitor - Auto Expiration Alert System
Overview This n8n workflow provides automated monitoring of Public Key Infrastructure (PKI) components including CA certificates, Certificate Revocation Lists (CRLs), and associated web services. It extracts certificate information from the TSL (Trusted Service List) -- the Hungarian is the example list as default in the workflow -- , monitors expiration dates, and sends alerts via Telegram and SMS when critical thresholds are reached.
Features - Automated extraction of certificate URLs from TSL XML - CA certificate expiration monitoring - CRL expiration tracking - Website availability monitoring with retry mechanism - Multi-channel alerting (Telegram and SMS) - Scheduled execution every 12 hours - 17-hour warning threshold for expirations
Setup Instructions
Prerequisites 1. n8n Instance: Running n8n installation with Linux environment 2. Telegram Bot: Created via @BotFather 3. Textbelt API Key: For SMS notifications (optional) 4. Network Access: To reach TSL source and certificate URLs 5. Linux Tools: OpenSSL, curl, libxml2-utils, jq (auto-installed)
Configuration Steps
1. Telegram Setup Create Telegram Bot: - Open Telegram and search for @BotFather - Send /newbot and follow prompts - Save the bot token (format: 1234567890:ABCdefGHIjklMNOpqrsTUVwxyz)
Create Alert Channel: - Create a new Telegram channel for alerts - Add your bot as administrator - Get channel ID: - Send a test message to the channel - Visit: https://api.telegram.org/bot<YOURBOTTOKEN>/getUpdates - Find "chat":{"id":-100XXXXXXXXXX} - this is your channel ID