blob: f92b76b35a876df9642903f9d561627eb49b2850 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
|
#!/bin/bash
################################################################################
# Description:
# Retrieves SSL certificate from remote server and returns the remaining number
# of valid days.
#
# Usage:
# zext_ssl_cert.sh <hostname_or_IP> <port>
#
# Zabbix item:
# Type : external check
# Key : zext_ssl_cert.sh[port]
# Type of information: Numeric (float)
################################################################################
SHELL=/bin/bash PATH=/bin:/sbin:/usr/bin:/usr/sbin
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
domain=$1
getport=$2
getdomain=`cli53 export $domain | awk '{ print $1 }' | sed 's/[^a-z|0-9|.-]//g; ' | sed '/^$/d' | uniq `
fqdn=`echo "$getdomain" | while read a; do echo $a.$domain; done`
port=`echo "$fqdn" | while read b; do echo $getport; done`
IFS=" "
set -- $fqdn
N=0
first=1
#json header
echo -n '{
"data":['
echo $fqdn | while read LINE;do
N=$((N+1))
#####TIMEOUT is important. Due to openssl having no timeout options, hosts can hang for a long time.
end_date=`timeout 15 openssl s_client -ssl3 -host $LINE -port $getport -showcerts </dev/null 2>/dev/null |
sed -n '/BEGIN CERTIFICATE/,/END CERT/p' |
openssl x509 -text 2>/dev/null |
sed -n 's/ *Not After : *//p'`
if [ -n "$end_date" ]
then
end_date_seconds=`date '+%s' --date "$end_date"`
now_seconds=`date '+%s'`
days=`echo "($end_date_seconds-$now_seconds)/24/3600" | bc`
first=0
echo "${final:+,}"
final=,
printf "\t{\n"
printf "\t\t\"{#HOST}\":\"$LINE\",\n"
printf "\t\t\"{#DAYS}\":\"$days\"\n"
printf "\t}\n"
fi
done
echo '
]
}'
|