Script you can run in a cron
- Several thing of note: when getting the SSL information – you have to echo a “q” because the openssl is interactive.
- To covert from timestamp to formatted date – use the @ symbol
- date -d @$timestamp_item ‘+%Y-%m-%d’
#!/bin/bash
TARGET="www.website.net";
RECIPIENT="admin@websit.net";
DAYS=7;
echo "checking if $TARGET expires in less than $DAYS days";
ssl_out=$(echo "q" |openssl s_client -connect $TARGET:443 2>/dev/null | openssl x509 -noout -dates);
awk_out=$(echo $ssl_out | awk -F'=' '{ print $3 }');
echo "expration date is $awk_out";
expirationdate=$( date -d "$awk_out" '+%s');
in7days=$(($(date +%s) + (86400*$DAYS)));
echo "exp: $experationdate";
echo "in7: $in7days";
fmt_exp_date=$(date -d "$awk_out" '+%Y-%m-%d');
echo "7 days, $(date -d @$in7days '+%Y-%m-%d') ";
if [ $in7days -gt $expirationdate ]; then
echo "here";
echo "KO - Certificate for $TARGET expires in less than $DAYS days, on $(date -d @$expirationdate '+%Y-%m-%d')";
mail -s "Certificate expiration warning for $TARGET, on $fmt_exp_date" $RECIPIENT <<< "Certifcate expiry on $fmt_exp_date " ;
else
echo "OK - Certificate expires on $fmt_exp_date";
fi;