update
This commit is contained in:
18
defaults.inc
18
defaults.inc
@@ -58,3 +58,21 @@ DIVIDER(){
|
||||
fi
|
||||
}
|
||||
|
||||
CERT-CHECK(){
|
||||
TARGET="mysite.example.net";
|
||||
RECIPIENT="hostmaster@mysite.example.net";
|
||||
DAYS=7;
|
||||
echo "checking if $TARGET expires in less than $DAYS days";
|
||||
expirationdate=$(date -d "$(: | openssl s_client -connect $TARGET:443 -servername $TARGET 2>/dev/null \
|
||||
| openssl x509 -text \
|
||||
| grep 'Not After' \
|
||||
|awk '{print $4,$5,$7}')" '+%s');
|
||||
in7days=$(($(date +%s) + (86400*$DAYS)));
|
||||
if [ $in7days -gt $expirationdate ]; then
|
||||
echo "KO - Certificate for $TARGET expires in less than $DAYS days, on $(date -d @$expirationdate '+%Y-%m-%d')" \
|
||||
| mail -s "Certificate expiration warning for $TARGET" $RECIPIENT ;
|
||||
else
|
||||
echo "OK - Certificate expires on $expirationdate";
|
||||
fi
|
||||
}
|
||||
|
||||
|
||||
@@ -87,12 +87,15 @@ LISTCERTS(){
|
||||
#DIVIDER true
|
||||
for d in /etc/letsencrypt/live/*/ ; do
|
||||
SUBJECTNAMES=$(openssl x509 -in ${d}/cert.pem -noout -text|grep -oP '(?<=DNS:|IP Address:)[^,]+'|sort -uV)
|
||||
IFS=':'
|
||||
SUBJECTNAMES=(${SUBJECTNAMES//$'\n'/:})
|
||||
unset IFS
|
||||
echo "$d"
|
||||
IFS=':'; SUBJECTNAMES=(${SUBJECTNAMES//$'\n'/:}); unset IFS
|
||||
|
||||
CERTEXPIRE=$(date -d "$(: | openssl x509 -in ${d}/cert.pem -text \
|
||||
| grep 'Not After' \
|
||||
|awk '{print $4,$5,$7}')" '+%s');
|
||||
|
||||
|
||||
declare -p SUBJECTNAMES
|
||||
#echo ${SUBJECTNAMES//$'\n'/:}
|
||||
echo "Expires: ${CERTEXPIRE}"
|
||||
echo ""
|
||||
done
|
||||
|
||||
|
||||
Reference in New Issue
Block a user