This blueprint will check the selected certificate used by the integration cert_expiry when it is going to be expired. If it expires before the selected period, it will send a notification to the selected mobile device. It will run everyday at the selected time.
Click the badge to import this Blueprint: (needs Home Assistant Core 2021.3 or higher)
Or import this Blueprint by using the forum topic URL:
blueprint:
name: Certificate Expiration
description: 'This automation blueprint notifies when a SSL certificate is about to expire'
domain: automation
input:
certificate_input:
name: Certificate
description: The certificate timestamp
selector:
entity:
integration: cert_expiry
days_input:
name: Days before
description: Set how many days before expiration it should start sending notifications
default: 5
selector:
number:
min: 0
max: 100
unit_of_measurement: days
mode: slider
step: 1
time_input:
name: Time
description: What time of the day it should check and send the notification?
default: '15:00'
selector:
time:
notify_device:
name: Device to notify
description: Device needs to run the official Home Assistant app to receive
notifications
selector:
device:
integration: mobile_app
device_message:
name: Message
description: Select the message to send to the app. You can use {{expire_days_var}} for the remaining days.
default: "SSL cert is due to expire in {{ expire_days_var }} days"
selector:
text:
trigger:
platform: time
at: !input 'time_input'
variables:
notify_device: !input 'notify_device'
days_var: !input 'days_input'
certificate_var: !input 'certificate_input'
expire_days_var: '{{ ((as_timestamp(states(certificate_var)) - as_timestamp(now())) / 60 / 60 / 24 ) | int }}'
condition:
condition: template
value_template: "{{ expire_days_var < days_var }}"
action:
- device_id: !input 'notify_device'
domain: mobile_app
type: notify
title: 'SSL Certificate Expiration'
message: !input 'device_message'
- event: ssl_certifcate_expiration
event_data:
entity: !input 'certificate_input'
daysleft: '{{ expire_days_var }}'
You have to import it into your home assistant instance by going to configuration -> Blueprints and click on the import blueprint. At the pop up dialog you write the url of this page.
Awesome thanks! I have one other question, how could I add multiple certificates to my home assistant as entities so this blueprint can work in a automation?
I’m kinda new to Home Assistant, but not new to scripting in general, but this is just a time saver; why re-invent the wheel when there’s a perfectly good one here
Thanks for the info, my cert runs out in a few weeks, so I look forward to being plagued until I pull my finger out to update it
Excellent! Now how do I modify your blueprint so that the action triggered is to restart my lets encrypt add-on instead of sending a notification to my mobile?
I modified the blueprint so that it can support custom actions. I haven’t tried it, so let me know if you got any problems.
Edit or create a new blueprint. Mine is located at this path: <installdir>/blueprints/automation/bkbilly/certificate-expiration.yaml
blueprint:
name: Certificate Expiration
description: 'This automation blueprint notifies when a SSL certificate is about to expire'
domain: automation
input:
certificate_input:
name: Certificate
description: The certificate timestamp
selector:
entity:
integration: cert_expiry
days_input:
name: Days before
description: Set how many days before expiration it should start sending notifications
default: 5
selector:
number:
min: 0
max: 100
unit_of_measurement: days
mode: slider
step: 1
time_input:
name: Time
description: What time of the day it should check and send the notification?
default: '15:00'
selector:
time:
target_action:
name: Action
description: What should be done, when the timer expires?
selector:
action:
trigger:
platform: time
at: !input 'time_input'
variables:
days_var: !input 'days_input'
certificate_var: !input 'certificate_input'
expire_days_var: '{{ ((as_timestamp(states(certificate_var)) - as_timestamp(now())) / 60 / 60 / 24 ) | int }}'
condition:
condition: template
value_template: "{{ expire_days_var < days_var }}"
action:
- choose:
default: !input 'target_action'
Offer option to set an individual notification service (e. g. selecting a device/notification group like ‘notify.all’ to notify more than one device)
Add Certificate Name to notification message (title or message). Currently the message only says “SSL Certificate Expiration - SSL cert is due to expire in XX days”. Well, what if I monitor more than one certificate? Which one is going to expire? The current message won´t tell.
Besides that: GREAT blueprint! Makes things easier
@e-raser
Thank you for the input. I’ve updated the topic to send the friendly name of the certificate to the app.
As for your first request, I don’t think that I will be able to make it work because of how limited the blueprints are. You could take a look on the blueprint I’ve added at my previous post above.
@Viking
I am not sure what you mean by that, but I think that you are talking about the 1st feature request of @e-raser. Let me know if you’ve got another problem.
Final note
If blueprints allow actions to be empty, I will update the blueprint so that you won’t be limited to the mobile app notification.
No, what I mean is that when you generate a Let’s Encrypt certificate, you can add any number of aliases (valid DNS domain names) to it and one and the same certificate can be used to serve all of them. But the HA integration fails if you specify one of the aliases.
Message text now contains “SSL cert Cert Expiry Timestamp”. Maybe make the text configurable so users can set their own text (fix bugs, use own language etc)
thanks a lot for sharing this blueprint. It is also my first blueprint to use
I tried to import it using the button and I ended up with the original version that is hardcoded to send a notification to the companion app. As I needed another notification mechanism and I could not get the updated version you posted later imported via the Home Assistant web interface I have created a public gist with the updated version here:
Just in case others want to import that version, they can the just import the URL that is displayed above. I’ve added an attribution to you in the name of the blueprint.