update
This commit is contained in:
18
defaults.inc
18
defaults.inc
@@ -58,3 +58,21 @@ DIVIDER(){
|
|||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
|
CERT-CHECK(){
|
||||||
|
TARGET="mysite.example.net";
|
||||||
|
RECIPIENT="hostmaster@mysite.example.net";
|
||||||
|
DAYS=7;
|
||||||
|
echo "checking if $TARGET expires in less than $DAYS days";
|
||||||
|
expirationdate=$(date -d "$(: | openssl s_client -connect $TARGET:443 -servername $TARGET 2>/dev/null \
|
||||||
|
| openssl x509 -text \
|
||||||
|
| grep 'Not After' \
|
||||||
|
|awk '{print $4,$5,$7}')" '+%s');
|
||||||
|
in7days=$(($(date +%s) + (86400*$DAYS)));
|
||||||
|
if [ $in7days -gt $expirationdate ]; then
|
||||||
|
echo "KO - Certificate for $TARGET expires in less than $DAYS days, on $(date -d @$expirationdate '+%Y-%m-%d')" \
|
||||||
|
| mail -s "Certificate expiration warning for $TARGET" $RECIPIENT ;
|
||||||
|
else
|
||||||
|
echo "OK - Certificate expires on $expirationdate";
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -87,12 +87,15 @@ LISTCERTS(){
|
|||||||
#DIVIDER true
|
#DIVIDER true
|
||||||
for d in /etc/letsencrypt/live/*/ ; do
|
for d in /etc/letsencrypt/live/*/ ; do
|
||||||
SUBJECTNAMES=$(openssl x509 -in ${d}/cert.pem -noout -text|grep -oP '(?<=DNS:|IP Address:)[^,]+'|sort -uV)
|
SUBJECTNAMES=$(openssl x509 -in ${d}/cert.pem -noout -text|grep -oP '(?<=DNS:|IP Address:)[^,]+'|sort -uV)
|
||||||
IFS=':'
|
IFS=':'; SUBJECTNAMES=(${SUBJECTNAMES//$'\n'/:}); unset IFS
|
||||||
SUBJECTNAMES=(${SUBJECTNAMES//$'\n'/:})
|
|
||||||
unset IFS
|
CERTEXPIRE=$(date -d "$(: | openssl x509 -in ${d}/cert.pem -text \
|
||||||
echo "$d"
|
| grep 'Not After' \
|
||||||
|
|awk '{print $4,$5,$7}')" '+%s');
|
||||||
|
|
||||||
|
|
||||||
declare -p SUBJECTNAMES
|
declare -p SUBJECTNAMES
|
||||||
#echo ${SUBJECTNAMES//$'\n'/:}
|
echo "Expires: ${CERTEXPIRE}"
|
||||||
echo ""
|
echo ""
|
||||||
done
|
done
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user