Skip to content

Instantly share code, notes, and snippets.

@bms8197
Forked from cgmartin/check-certs.sh
Last active May 16, 2019 10:41
Show Gist options
  • Save bms8197/666c079424e8b489f6ab22300305ecf4 to your computer and use it in GitHub Desktop.
Save bms8197/666c079424e8b489f6ab22300305ecf4 to your computer and use it in GitHub Desktop.
Bash SSL Certificate Expiration Check
#!/bin/bash
#
# Usage: check-certs.sh domain.name
#
TARGET="$@";
RECIPIENT="my-email-address@domain.tld";
DAYS=30;
echo "checking if $TARGET expires in less than $DAYS days";
expirationdate=$(date -d "$(: | openssl s_client -connect $TARGET:443 -servername $TARGET 2>/dev/null \
| openssl x509 -text \
| grep 'Not After' \
| awk '{print $4,$5,$7}')" '+%s');
in_days=$(($(date +%s) + (86400*$DAYS)));
if [ $in_days -gt $expirationdate ]; then
echo "KO - Certificate for $TARGET expires in less than $DAYS days, on $(date -d @$expirationdate '+%Y-%m-%d')" \
| mail -s "Certificate expiration warning for $TARGET" $RECIPIENT;
else
echo "OK - Certificate expires on $(date -d @$expirationdate '+%Y-%m-%d')";
fi;
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment