Certificate expiry Time and Date
1. Compare the certificate expiry time and system time and will send a
warning mail when it is 30 days.
#!/bin/sh
CertExpires=`openssl x509 -in /path/to/cert.pem -inform PEM -text \
-noout -enddate | grep "Not After" | awk '{print $4, $5, $7}'`
TodayPlus30=`date -ud "+30 day" | awk '{print $2, $3, $6}'`
if [ "$CertExpires" = "$TodayPlus30" ]
then
echo "Your SSL Cert will expire in 30 days." | mail -s "SSL Cert
Monitor" email@removed
fi
#!/bin/sh
#
# example: remote.host.name [port]
#
REMHOST=$1
REMPORT=${2:-443}
echo |\
openssl s_client -connect ${REMHOST}:${REMPORT} 2>&1 |\
sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > ~/certificate
DATEC=`openssl x509 -in ~/certificate -inform PEM -text -noout\
-enddate | grep "Not After" | awk '{print $4, $5, $7}'`
TIMEC=`openssl x509 -in ~/certificate -inform PEM -text -noout\
-enddate| grep "Not After" | awk '{ print $6 }'`
echo ExpireDate is $DATEC
echo ExpireTime is $TIMEC
rm -rf ~/certificate
#EXIT
No comments:
Post a Comment