Skip to content

Cert smtp #6089

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
wants to merge 6 commits into
base: master
Choose a base branch
from
Draft

Cert smtp #6089

wants to merge 6 commits into from
+128 −15

Conversation

@Hartejs088
Copy link

@Hartejs088 Hartejs088 commented Aug 29, 2025
edited
Loading

Added SMTP monitoring with SMTPS and STARTTLS support, including certificate checks. It now detects invalid or expired certificates and triggers notifications, all while keeping the code inline, maintainable, and consistent with the existing HTTP/HTTPS monitors. #6030

@Hartejs088
Add Certificate Monitoring for SMTP Monitors
8e05f9d 
This draft PR introduces certificate monitoring for SMTP monitors (SMTPS/STARTTLS), similar to other monitor types.

What’s implemented so far:

Added “Monitor Certificate” checkbox in the SMTP monitor form.

Backend checks certificates when certExpiry is true and SMTP is secure (SMTPS or STARTTLS).

heartbeat.certExpiryDaysRemaining and validCert are being calculated.

Attempted to update TLS info using handleTlsInfo().

Current issue / help needed:

Certificate info is not yet showing on the dashboard.

Unsure if handleTlsInfo() is being called correctly or if the frontend binding needs adjustment.

Need guidance on the best way to store/display TLS info for SMTP monitors, consistent with other monitor types.

Goal:

Enable users to see SMTP certificate validity and expiry in the dashboard.

Make SMTP certificate monitoring consistent with HTTP/HTTPS monitors.
@Hartejs088
cert
93a519b
@Hartejs088
Update monitor.js
20e955e
@Hartejs088
Merge branch 'master' into cert-smtp
e4acc24
@Hartejs088
added certificate for smtp
aab4873
@Hartejs088
Merge branch 'cert-smtp' of https://github.com/Hartejs088/uptime-kuma
6235475 
…into cert-smtp
@Hartejs088
Copy link
Author

Hartejs088 commented Aug 30, 2025

@CommanderStorm @fpedrei,
I’ve implemented the requested certificate feature and opened a PR for it. All checks are passing
Please have a look #6030

@Hartejs088 Hartejs088 marked this pull request as ready for review August 30, 2025 10:43
CommanderStorm
CommanderStorm requested changes Aug 30, 2025
View reviewed changes
Copy link
Collaborator

@CommanderStorm CommanderStorm left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I am not a fan of your LLMs output.

Right now the PR introduces a separate SMTP monitoring impelmentations and includes a lot of changes that don’t seem related to the main purpose. In its current state it’s unfortunately not reviewable.

If you can narrow this down to the intended change and make sure it’s consistent, we’ll be able to give it a proper review.

@Hartejs088
Copy link
Author

Hartejs088 commented Aug 30, 2025

Hi, I’ve gone through the changes in this PR and wanted to clarify the intended scope:

  1. Right now, the PR adds a checkbox in the Edit Monitor page.

  2. It also fetches and displays certificate info in the dashboard, similar to HTTPS monitors (for STARTTLS and SMTPS; no cert info is sent if STARTTLS is ignored).

Do we want both of these changes, or just the checkbox in the Edit Monitor? I can adjust the PR accordingly once I know what’s needed.

Also, for clarity, should the certificate info appear in the dashboard like HTTPS monitors, or is the checkbox alone enough?

@Hartejs088 Hartejs088 marked this pull request as draft August 30, 2025 13:43
@CommanderStorm
Copy link
Collaborator

CommanderStorm commented Aug 30, 2025

I’m fine with including both of those changes.

For PRs generated with the help of an LLM, please ensure you’ve done a careful review yourself before opening them. That way, our review time can focus on the meaningful parts, and not get sidetracked by things the model added unnecessarily.

@Hartejs088
Copy link
Author

Hartejs088 commented Aug 30, 2025

I understand your concern about not duplicating SMTP connection logic in the PR. I ran into an issue where the existing connection doesn’t let me inspect the certificate.
Would it be okay if I briefly open a short-lived connection just to fetch the certificate and then close it? This would be separate and shouldn’t affect the main monitoring logic.
I wanted to check with you first so the PR stays clean and focused.

@Hartejs088
Copy link
Author

Hartejs088 commented Sep 8, 2025

@CommanderStorm can we proceed with this?

@CommanderStorm
Copy link
Collaborator

CommanderStorm commented Sep 8, 2025

While the current approach might work, I am not super excited about this approach.
I don't think that the implementation that you have done is maintainable in the long run, even though you have spend a lot of effort on this.

A better approach would be to either:

  • contribute support for this upstream
  • hook into upstream APIs

@Hartejs088
Copy link
Author

Hartejs088 commented Sep 9, 2025

@CommanderStorm Thanks for the feedback! I agree that maintainability is important. I’ll explore both approaches—contributing upstream support and hooking into upstream APIs—and decide which aligns best with long-term maintainability. I’ll update you once I’ve evaluated the options.

@fpedrei
Copy link

fpedrei commented Sep 9, 2025

@Hartejs088 You could file an enhancment request against nodemailer. Perhaps an API could be added to provide the server certificate within verify() more easy.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@CommanderStorm CommanderStorm CommanderStorm requested changes

Requested changes must be addressed to merge this pull request.

Assignees

No one assigned

Labels

needs:resolve-merge-conflict

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@Hartejs088 @CommanderStorm @fpedrei