Updated to use OpenSSL and cert tags as subprocess no longer works with latest dd-agent

ssl_check_expire_days.py

import time
import datetime
from OpenSSL import crypto as c
from checks import AgentCheck

class SSLCheckExpireDays(AgentCheck):
    def check(self, instance):
        metric = "ssl.expire_in_days"
        certfile = instance['cert']
        cert_tag = 'cert:%s' % (certfile.split('/')[-1:],)
        date_format = "%Y%m%d%H%M%SZ"

        cert = c.load_certificate(c.FILETYPE_PEM, file(certfile).read())
        output = cert.get_notAfter()
        if output:
            d0 = datetime.datetime.today()
	    d1 = datetime.datetime(*(time.strptime(output, date_format)[0:3]))
            delta = d1 - d0
            self.gauge(metric, int(delta.days), tags=[cert_tag])
        else:
            self.gauge(metric, -1, tags=[cert_tag])

ssl_check_expire_days.yaml

init_config:

instances:
    - cert: /etc/ssl/www.mywebsite1.com.crt

    - cert: /etc/ssl/www.mywebsite2.com.crt

    - cert: /etc/ssl/www.mywebsite3.com.crt

Thanks @estib - I've updated the check with your suggestion and replaced the external subprocess command to use OpenSSL lib instead (according to DD support, the latest agent no longer supports the subprocess method I was using).

v5/v6 agent compatible:

try:
    from checks import AgentCheck
except ImportError:
    from datadog_checks.checks import AgentCheck

fix tags ending up as arrays (cert:cert_name.pem instead of cert:['cert_name.pem'])

cert_tag = 'cert:%s' % (cert.split('/')[-1],)

Hi.
Will this work for the windows agent ?
I mean the path to certificates is in a "linux" format. If so how is the path to certificates formatted?

Yeah i also need to get this working for a windows agent, is this possible?