Forum Discussion
Hi Mohammed,
In the thread the value 2629743 denotes 30 days, so this script when executed will give you the list of certs expiring within 30 days.
So if you need something within a week, you need to change the value.
Here's a simple script to fulfill your needs, this by default takes 30days, but if you need a specific interval, you can specify it while executing.
Script:
!/bin/bash
set number of days to warn
remainingdays=$1
if [ -z ${remainingdays} ]
then
remainingdays=30
fi
remainingseconds=$((${remainingdays} * 86400))
get current date
currdate=`date +%s`
set warning time period
warningtime=$((${currdate} + ${remainingseconds}))
verify cert expiration within warning time period
for cert in /config/filestore/files_d/Common_d/certificate_d/*.crt*
do
expirationtime=`openssl x509 -enddate -in $cert | awk -F '=' '{print $2}' | xargs -I{} date -d {} +%s`
if [ "${expirationtime}" -lt "${warningtime}" ]
then
certname=`echo "$cert" | sed -r 's/config/filestore/files_d/Common_d/certificate_d/:Common:g'`
expirydate=`openssl x509 -enddate -in $cert | awk -F '=' '{print $2}' | xargs -I{} date -d {} +%Y/%m/%d`
echo "$certname,$expirydate"
fi
done
How to use:
First copy the above code and save it in a file,
vi /var/tmp/ssl-script
Running the script
bash /var/tmp/ssl-script
The output will be seen in the console. But this will result all the certs expiring in next 30 days.
Running the script with a particular interval, ex: 7 days,
bash /var/tmp/ssl-script 7
The output will be seen in the console. But this will result all the certs expiring in next 7 days.
The output will be something like below,
Test_6days.com.crt_39416_1,2018/11/15
Test_7days.com.crt_39436_1,2018/11/16
You can also export in this in csv format too. And open in an excel file.