checker/definition.go

@@ -11,7 +11,7 @@ import (
 var Version = "built-in"
 
 // Definition returns the CheckerDefinition for the TLS checker.
-func (p *tlsProvider) Definition() *sdk.CheckerDefinition {
+func Definition() *sdk.CheckerDefinition {
 	return &sdk.CheckerDefinition{
 		ID:      "tls",
 		Name:    "TLS",

checker/prober.go

@@ -33,6 +33,7 @@ func buildChain(certs []*x509.Certificate) []CertInfo {
 			DERBase64:     base64.StdEncoding.EncodeToString(c.Raw),
 			Subject:       c.Subject.String(),
 			Issuer:        c.Issuer.String(),
+			NotAfter:      c.NotAfter,
 			CertSHA256:    hex.EncodeToString(certSum256[:]),
 			CertSHA512:    hex.EncodeToString(certSum512[:]),
 			SPKISHA256:    hex.EncodeToString(spkiSum256[:]),

checker/types.go

@@ -84,6 +84,10 @@ type CertInfo struct {
 	Subject string `json:"subject,omitempty"`
 	Issuer  string `json:"issuer,omitempty"`
 
+	// NotAfter is the certificate's expiry. Carried so editors can show
+	// "expires on …" without re-parsing the DER.
+	NotAfter time.Time `json:"not_after,omitempty"`
+
 	// Selector 0 = full certificate.
 	CertSHA256 string `json:"cert_sha256,omitempty"`
 	CertSHA512 string `json:"cert_sha512,omitempty"`