Show HN: X509-certificate-exporter – Prometheus exporter for TLS cert expiration

[solvik]

Certificates expire silently. Kubernetes won't warn you, and most teams find out when something breaks. This exporter watches PEM files, kubeconfigs, Kubernetes TLS secrets, and PKCS#12 bundles, and exposes expiration as Prometheus metrics you can alert on. It works standalone too, no Kubernetes required. A Grafana dashboard is included. The new release is a major rewrite, built from experience running this across a large number of production clusters. The main pain point it addresses: at scale, with thousands of certificates, the exporter was putting too much pressure on the Kubernetes API. We also put a lot of care into supply chain security this time around.