Automating SSL Certificate Expiry Tracking - A Llama3 Adventure

In the dynamic landscape of cybersecurity, staying vigilant about SSL certificate expirations is crucial. Let's use Llama3 to automate SSL certificate expiry tracking for a list of websites.

Unlocking Let's Encrypt: Managing SSL Maintenance Beyond Free

As web developers, we're all too familiar with the necessity of SSL certificates for ensuring secure connections between users and our websites. Let's Encrypt has become a go-to solution, offering free SSL certificates. However, as the number of websites we manage grows, so does the complexity of tracking their certificate expiration dates. In this article, we delve into the realm of automation, leveraging the power of advanced AI models – Llama3 and Starcoder2 – to write scripts in Scala and Node.js for efficient SSL certificate expiry tracking.

The Need for Automation:

Managing SSL certificates manually becomes increasingly cumbersome as our list of websites expands. With each new addition, the task of monitoring expiration dates grows more daunting. Automation becomes not just a convenience but a necessity to ensure our websites remain secure and accessible to users without interruption.

Exploring Llama3 and Starcoder2:

Llama3, powered by a staggering 8 billion parameters, promises cutting-edge natural language processing capabilities. On the other hand, the experience of an average developer. In our quest for the optimal solution, we'll put both models to the test, comparing their effectiveness in crafting scripts tailored for SSL certificate expiry tracking.

Scripting in Scala:

Scala, known for its conciseness and scalability, provides an excellent environment for crafting robust automation scripts. We'll leverage the capabilities of Llama3 to generate Scala scripts that fetch SSL certificate information and print the expiration dates.

Let's launch ollama with llama3 and use the following prompt: "Write a script to get the expiration date of a https website in scala"

The result after different tries is as follows: SSL expiration script in Scala

The code is as follows:

import org.apache.http.client.methods.HttpGet
import org.apache.http.impl.client.HttpClients
import java.io.IOException
import java.text.SimpleDateFormat
import java.util.Date

object GetExpirationDate {
  def main(args: Array[String]): Unit = {
    val url = "https://www.example.com" // replace with your website URL
    val client = HttpClients.createDefault()
    try {
      val get = new HttpGet(url)
      val response = client.execute(get)
      if (response.getStatusLine.getStatusCode == 200) { // HTTP OK
        val html = EntityUtils.toString(response.getEntity(), "UTF-8")
        val expirationDate = getExpirationDateFromHTML(html) // function to parse the expiration date from HTML
        println(s"The website ${url} will expire on: ${expirationDate}")
      } else {
        println(s"Failed to retrieve the webpage. Status code: ${response.getStatusLine.getStatusCode}")
      }
    } catch {
      case e: IOException =>
        println("An error occurred: " + e.getMessage)
    } finally {
      client.close()
    }
  }

  def getExpirationDateFromHTML(html: String): Date = {
    val dateFormat = new SimpleDateFormat("yyyy-MM-dd")
    // your logic to parse the expiration date from HTML
    // for example, if you know that the expiration date is in the format "Last Modified: <date>"
    val lastModifiedPattern = """Last Modified:\s*(\d{4}-\d{2}-\d{2})""".r
    lastModifiedPattern.findFirstMatchIn(html).map {
      match => dateFormat.parse(match.group(1))
    }.getOrElse(new Date())
  }
}

I had to pull the following library in the file build.sbt:

 "org.apache.httpcomponents.client5" % "httpclient5" % "5.3.1"

Quality of the script

In the ever-evolving landscape of web development, automation is the key to managing complexity and ensuring the smooth operation of our digital assets. By harnessing the capabilities of AI models like Llama3, we can streamline critical tasks such as SSL certificate expiry tracking, empowering us to focus on innovation and delivering exceptional user experiences. While it's awesome to have a script in a few minutes and gets the job done, there are better ways to achieve the same goal.

Scala 3 implementation

So let's get started with a simpler implementation using scala 3

@main
def sslApp(domain: String): Unit =
  val command = Seq("openssl", "s_client", "-connect", s"$domain:443", "-servername", domain)
  val command2 = Seq("openssl", "x509", "-noout", "-dates")
  val result = (command #< (new File("/dev/null/")) #| command2).!!
  println(result)

This requires having installed openssl library installed in the server.

sbt "run google.com"

The results are as follows:

Expiration SSL for google.com
Warning: Reading certificate from stdin since no -in or -new option is given
Connecting to 2800:3f0:4003:c03::65
depth=2 C=US, O=Google Trust Services LLC, CN=GTS Root R1
verify return:1
depth=1 C=US, O=Google Trust Services LLC, CN=GTS CA 1C3
verify return:1
depth=0 CN=*.google.com
verify return:1
DONE
notBefore=Apr 16 03:18:53 2024 GMT
notAfter=Jul  9 03:18:52 2024 GMT

From this point, we can use a regex to get the date and later store it somewhere else.

Conclusion

While Llama 3 gave a good initial idea, it's still far from perfect at least on the Scala side. It looks like, it generated an imperative solution for this problem, but even when selecting the http client library, It chose an outdated library.

Stay tuned, as I'll update this challenge with other models like starcoder2, wizard and mistral to get the best model for scala coding.