Created
October 23, 2017 15:53
-
-
Save robmiller/53e8a6aa32df63e1f294788c3ff0b0a4 to your computer and use it in GitHub Desktop.
ssl-expiry: displays the expiry date of SSL certificates associated with any domains passed on the command line
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env ruby | |
# | |
# ssl-expiry | |
# | |
# Author: Rob Miller <rob@bigfish.co.uk> | |
# | |
# For a given domain or domains, checks to see if an SSL certificate is | |
# present; if one is, outputs the date of its expiry. | |
# | |
# Usage: | |
# | |
# % ssl-expiry example.com | |
# example.com 2017-01-01 00:00:00+0000 | |
# | |
# % ssl-expiry example.com | cut -f2 | |
# 2017-01-01 00:00:00+0000 | |
# | |
# $ ssl-expiry example.com example.org | |
# example.com 2017-01-01 00:00:00+0000 | |
# example.org 2017-03-08 09:36:00+0000 | |
require "net/http" | |
require "openssl" | |
domains = ARGV.to_a | |
unless domains.length > 0 | |
abort "Usage: #$0 DOMAIN [DOMAIN...]" | |
end | |
domains.each do |domain| | |
uri = URI.parse("https://" + domain) | |
http = Net::HTTP.new(uri.host, uri.port) | |
http.use_ssl = true | |
http.verify_mode = OpenSSL::SSL::VERIFY_NONE | |
cert = nil | |
begin | |
http.start do |h| | |
cert = h.peer_cert | |
end | |
rescue Exception => e | |
$stderr.puts "#{domain}\tCouldn't connect to site (#{e.message})" | |
next | |
end | |
unless cert | |
$stderr.puts "#{domain}\tCouldn't find SSL certificate" | |
next | |
end | |
expiry = cert.not_after | |
puts "#{domain}\t#{expiry.strftime("%F %T%z")}" | |
end |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment