!/bin/sh
# check_SSL_expire.sh by vincent
#
SSL_URL="www.aaaa.com"
LIMIT_DAY=60
#############################
TODATE=`date +'%Y%m%d'`
TODATE_S=`date -d $TODATE +%s`
for i in $SSL_URL
do
/usr/bin/openssl s_client -connect $i:443 < /dev/null > $i.pem
ENDDAY=`openssl x509 -noout -in $i.pem -enddate | cut -c 10- | awk '{print $2}'`
ENDYEAR=`openssl x509 -noout -in $i.pem -enddate | cut -c 10- | awk '{print $4}'`
ENDMON=`openssl x509 -noout -in $i.pem -enddate | cut -c 10- | awk '{print $1 $2}'`
ENDMON=`date "+%G%m" -d $ENDMON | cut -c 5-`
if [ ${#ENDDAY} == "1" ]; then
ENDDAY="0"$ENDDAY
fi
EXPIRE_DATE=$ENDYEAR$ENDMON$ENDDAY
EXPIRE_DATE_S=`date -d $EXPIRE_DATE +%s`
RESULTS=`echo "(( $EXPIRE_DATE_S - $TODATE_S ) / (3060*24)) -1" | bc`
if [ $RESULTS -le $LIMIT_DAY ];then
touch Alter.$i.pem
echo "SSL certificate for $i expires in $RESULTS days" >> Alter.$i.pem
echo "" >> Alter.$i.pem
echo "Server certificate: " >> Alter.$i.pem
/usr/bin/openssl x509 -noout -in $i.pem -subject >> Alter.$i.pem
echo "" >> Alter.$i.pem
STARTDATE=`openssl x509 -noout -in $i.pem -startdate |cut -c 11-`
echo "start date: $STARTDATE" >> Alter.$i.pem
ENDDAY2=`openssl x509 -noout -in $i.pem -enddate |cut -c 10-`
echo "expire date: $ENDDAY2" >> Alter.$i.pem
cat Alter.$i.pem | mail -s "Alter for SSL certificate " AAA@DDD.com
fi
done
vincent's Blog
一個無聊的網路雜工的紀錄!!
Categories
- 小微 (2)
- 中醫藥 (5)
- 古文觀今 (4)
- 武術 (11)
- 狗屁倒灶 (1)
- 遊記 (1)
- 網路雜七雜八 (3)
- A10 (8)
- Apache (4)
- Bind (2)
- blogger (1)
- CAT (7)
- Docker (1)
- F5 (3)
- Fluentd (1)
- FTP (2)
- Jboss (3)
- Juniper (4)
- Linux (26)
- Mail (3)
- MSSQL (1)
- music (1)
- MySQL (1)
- Network (2)
- network monitor (4)
- Nginx (2)
- Oracle (22)
- Outlook Express (1)
- perl (1)
- Photos (3)
- Postgresql (3)
- Python (3)
- Remine (1)
- SaltStack (2)
- shell (10)
- Solaris (14)
- Veritas NetBackup (7)
- WOW (1)
- XenServer (1)
張貼留言