案例

监控https证书有效期

依赖

Blackbox Exporter

1️⃣ blackbox-exporter 配置

modules:
  https_tls:
    prober: http
    timeout: 5s
    http:
      valid_http_versions: ["HTTP/1.1", "HTTP/2"]
      tls_config:
        insecure_skip_verify: false

2️⃣ Prometheus scrape

- job_name: 'blackbox-https'
  metrics_path: /probe
  params:
    module: [https_tls]
  static_configs:
    - targets:
      - https://example.com
  relabel_configs:
    - source_labels: [__address__]
      target_label: __param_target
    - source_labels: [__param_target]
      target_label: instance
    - target_label: __address__
      replacement: blackbox-exporter:9115

3️⃣ 关键指标

probe_ssl_earliest_cert_expiry

4️⃣ 剩余有效期（天）

(probe_ssl_earliest_cert_expiry - time()) / 86400

5️⃣ 告警示例

groups:
- name: tls证书监控
  rules:
  - alert: TLS证书即将过期
    expr: (probe_ssl_earliest_cert_expiry{instance="https://catpd.cn"} - time()) / 86400 < 90
    for: 10s
    labels:
      severity: warning
    annotations:
      summary: "HTTPS 证书即将过期"
      description: |
        域名：https://catpd.cn
        证书剩余有效期：{{ printf "%.1f" $value }} 天

☁️ 部署建议

如果你打算长期运行项目（博客 / API / 自动化脚本），建议直接用云服务器，会比本地稳定很多。

👉 查看云服务器（新用户优惠）