Created
July 14, 2022 07:20
-
-
Save jeroenhe/750fd9564243979cb2b900a4097eed29 to your computer and use it in GitHub Desktop.
Check certificate expiration date using timeout, openssl and date cli tools
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| HOST=$1 | |
| PORT=$2 | |
| DAYS=${3:-10} | |
| CERT_FILE=$(mktemp) | |
| ### Read Site Certificate and save as File ### | |
| timeout --preserve-status 3 openssl s_client -servername $HOST -connect $HOST:$PORT 2>/dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > "$CERT_FILE" | |
| if [ ! -s "$CERT_FILE" ]; then | |
| echo "$HOST:$PORT was not up!" | |
| exit 1 | |
| fi | |
| ### Get Full Expiration Date ### | |
| date=$(openssl x509 -in $CERT_FILE -enddate -noout | sed "s/.*=\(.*\)/\1/" | awk -F " " '{print $1,$2,$3,$4}') | |
| rm "$CERT_FILE" | |
| ### Convert Expiration Date in Epoch Format ### | |
| date_s=$(date -j -f "%b %d %T %Y" "$date" "+%s") | |
| ### Get Curent Date in Epoch Format ### | |
| now_s=$(date +%s) | |
| ### Calculate Time Difference ### | |
| date_diff=$(( (date_s - now_s) / 86400 )) | |
| echo "Cert for $HOST:$PORT will expire in $date_diff days" | |
| if [ "${date_diff}" -lt "${DAYS}" ]; then | |
| exit 1 | |
| else | |
| exit 0 | |
| fi |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment