| 1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950 |
- #!/bin/bash
- EXPIRATIONDAYS=90
- checkCertificate () {
- CERTIFICATE=$@
- STARTNOTIFICATIONDATE=$(date +%s)
- EXPIRYNOTIFICATIONDATE=$(($(date +%s) + (86400*${EXPIRATIONDAYS})))
- SUBJECT=$(openssl x509 -in "${CERTIFICATE}" -noout -text | grep "Subject:" | sed 's/^.*CN[ ]*=[ ]*\(.*\),.*$/\1/')
- STARTDATE=$(openssl x509 -in "${CERTIFICATE}" -noout -text | grep 'Not Before' | awk '{printf "%s %.2d %s %s\n",$3,$4,$6,$5}')
- STARTDATENUMERIC=$(date -d "${STARTDATE}" '+%s');
- EXPIRATIONDATE=$(openssl x509 -in "${CERTIFICATE}" -noout -text | grep 'Not After' | awk '{printf "%s %.2d %s %s\n",$4,$5,$7,$6}')
- EXPIRATIONDATENUMERIC=$(date -d "${EXPIRATIONDATE}" '+%s');
- if [ ${STARTNOTIFICATIONDATE} -lt ${STARTDATENUMERIC} ]
- then
- echo -e "\tOn ${STARTDATE}, the CERTIFICATE for \"${SUBJECT}\" will become valid"
- fi
- if [ ${EXPIRYNOTIFICATIONDATE} -gt ${EXPIRATIONDATENUMERIC} ]
- then
- echo -e "\tOn ${EXPIRATIONDATE}, the CERTIFICATE for \"${SUBJECT}\" will expire"
- fi
- }
- for DIRECTORY in ./*/
- do
- DIRECTORY=${DIRECTORY%*/}
- DIRECTORY=${DIRECTORY:2}
- if [ "${DIRECTORY}" != "openssl" ]; then
- echo "${DIRECTORY}:"
- cd "${DIRECTORY}"
- for CERTIFICATE in ./*.crt
- do
- if [[ -f "${CERTIFICATE}" ]]
- then
- checkCertificate ${CERTIFICATE}
- fi
- done
- cd - > /dev/null
- fi
- done
|
