cancel
Showing results for 
Search instead for 
Did you mean: 

alert/email notification when a SSL certificate expires

BIJO_DEV_315093
Nimbostratus
Nimbostratus

Hello everyone I would like to set an alert/email notification when a SSL certificate is going to expire ? I am newbie, would need your guys help.

 

2 REPLIES 2

Leonardo_Souza
Cirrocumulus
Cirrocumulus

This solution has the steps to do that:

 

https://support.f5.com/csp/article/K15288

 

Hi Mohammed,

 

In the thread the value 2629743 denotes 30 days, so this script when executed will give you the list of certs expiring within 30 days.

 

So if you need something within a week, you need to change the value.

 

Here's a simple script to fulfill your needs, this by default takes 30days, but if you need a specific interval, you can specify it while executing.

 

Script:

 

!/bin/bash set number of days to warn remainingdays=$1 if [ -z ${remainingdays} ] then remainingdays=30 fi remainingseconds=$((${remainingdays} * 86400)) get current date currdate=`date +%s` set warning time period warningtime=$((${currdate} + ${remainingseconds})) verify cert expiration within warning time period for cert in /config/filestore/files_d/Common_d/certificate_d/*.crt* do expirationtime=`openssl x509 -enddate -in $cert | awk -F '=' '{print $2}' | xargs -I{} date -d {} +%s` if [ "${expirationtime}" -lt "${warningtime}" ] then certname=`echo "$cert" | sed -r 's/config/filestore/files_d/Common_d/certificate_d/:Common:g'` expirydate=`openssl x509 -enddate -in $cert | awk -F '=' '{print $2}' | xargs -I{} date -d {} +%Y/%m/%d` echo "$certname,$expirydate" fi done

How to use:

 

First copy the above code and save it in a file,

 

vi /var/tmp/ssl-script

 

Running the script

 

bash /var/tmp/ssl-script

 

The output will be seen in the console. But this will result all the certs expiring in next 30 days.

 

Running the script with a particular interval, ex: 7 days,

 

bash /var/tmp/ssl-script 7

 

The output will be seen in the console. But this will result all the certs expiring in next 7 days.

 

The output will be something like below,

 

Test_6days.com.crt_39416_1,2018/11/15 Test_7days.com.crt_39436_1,2018/11/16

You can also export in this in csv format too. And open in an excel file.