Forum Discussion

BIJO_DEV_315093's avatar
BIJO_DEV_315093
Icon for Nimbostratus rankNimbostratus
Mar 24, 2017

alert/email notification when a SSL certificate expires

Hello everyone I would like to set an alert/email notification when a SSL certificate is going to expire ? I am newbie, would need your guys help.

 

2 Replies

  • Hi Mohammed,

    In the thread the value 2629743 denotes 30 days, so this script when executed will give you the list of certs expiring within 30 days.

    So if you need something within a week, you need to change the value.

    Here's a simple script to fulfill your needs, this by default takes 30days, but if you need a specific interval, you can specify it while executing.

    Script:

     

    !/bin/bash
     set number of days to warn
    remainingdays=$1
    if [ -z ${remainingdays} ]
    then
       remainingdays=30
    fi
    
    remainingseconds=$((${remainingdays} * 86400))
    
     get current date
    currdate=`date +%s`
    
     set warning time period
    warningtime=$((${currdate} + ${remainingseconds}))
    
     verify cert expiration within warning time period
    for cert in /config/filestore/files_d/Common_d/certificate_d/*.crt*
    do
        expirationtime=`openssl x509 -enddate -in $cert | awk -F '=' '{print $2}' | xargs -I{} date -d {} +%s`
        if [ "${expirationtime}" -lt "${warningtime}" ]
        then
            certname=`echo "$cert" | sed -r 's/config/filestore/files_d/Common_d/certificate_d/:Common:g'`
            expirydate=`openssl x509 -enddate -in $cert | awk -F '=' '{print $2}' | xargs -I{} date -d {} +%Y/%m/%d`
            echo "$certname,$expirydate"
        fi
    done
    

     

    How to use:

    First copy the above code and save it in a file,

    vi /var/tmp/ssl-script

    Running the script

    bash /var/tmp/ssl-script

    The output will be seen in the console. But this will result all the certs expiring in next 30 days.

    Running the script with a particular interval, ex: 7 days,

    bash /var/tmp/ssl-script 7

    The output will be seen in the console. But this will result all the certs expiring in next 7 days.

    The output will be something like below,

     

    Test_6days.com.crt_39416_1,2018/11/15
    Test_7days.com.crt_39436_1,2018/11/16
    

     

    You can also export in this in csv format too. And open in an excel file.