domino_admin_toolkit.checks.test_certificates module

domino_admin_toolkit.checks.test_certificates.get_certificate_fields(secret_data)

Extract certificate fields from secret data.

Based on incident report: checks tls.crt, ca.crt, cert, certificate, crt, fields ending with .crt/.pem, and selective cert-containing fields.

domino_admin_toolkit.checks.test_certificates.test_certificate_chain_validation()

Description:

Validates certificate chains for proper trust relationships and identifies broken certificate chains that could cause TLS handshake failures.

Results:

Reports on certificate chain integrity across all namespaces. Does not fail - purely informational for debugging chain issues.

domino_admin_toolkit.checks.test_certificates.test_certificate_expiration()

Description:

Retrieves secrets with tls.crt and cert.crt certificates from the Domino compute, Domino platform, kube system, and calico system namespaces and prints the certificate details.

Results:

Fails if any certificates will expire in less than 30 days and shows how many days until expiration.

domino_admin_toolkit.checks.test_certificates.test_certificate_field_discovery()

Description:

Discovers all potential certificate fields across all secrets in the cluster to identify certificates that might be missed by current detection logic.

Results:

Reports on all fields that might contain certificates for review. Does not fail - purely informational for improving certificate detection.

domino_admin_toolkit.checks.test_certificates.test_certificate_troubleshoot_verbose()

Description:

Comprehensive certificate troubleshooting that provides detailed information about ALL certificates in the cluster including expired, soon-to-expire, malformed, and missing certificates. Includes certificate chain validation.

Results:

Displays detailed certificate information for troubleshooting purposes. Does not fail - purely informational for debugging certificate issues.