provisioning tool for building opinionated architecture
#!/bin/bash
#
# Reports issuer and remaining lifetime of the TLS certificate served by a
# host on its HTTPS, mail-submission, POP3 and IMAP ports.
#
# Arguments:
#   $1 - host to probe
#   $2 - protocol name or port number selecting what to probe (default: https)

DOMAIN=$1
PROTOCOL=${2:-https}
TIMEOUT=10 # max seconds to wait
readonly DOMAIN PROTOCOL TIMEOUT

# Running count of endpoints that did not come back clean; the script exits
# with this value.
result=0
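#######################################
# Print the accepted command-line arguments and terminate the script.
# Outputs: the usage line, on stderr so it never mixes with report output
# Returns: does not return; exits with status 1
#######################################
function usage {
  # Each protocol name is listed next to the port it is probed on
  # (pop3 -> 995, imap -> 993), matching the dispatch at the end of the script.
  echo 'usage: <DOMAIN> [ https | 443 | smtps | 587 | pop3 | 995 | imap | 993 | ALL ]' >&2
  exit 1
}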
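#######################################
# Probe one TLS endpoint of $DOMAIN and print a one-line verdict about the
# certificate it presents.
# Globals:
#   DOMAIN  (read)    host to connect to
#   TIMEOUT (read)    seconds allowed for the openssl connection
#   result  (written) incremented for every WARNING or FAILURE verdict
# Arguments:
#   $1 - label to print; SMTPS additionally selects STARTTLS negotiation
#   $2 - TCP port to connect to
# Outputs: one status line on stdout, the verdict coloured with ANSI escapes
#
# Scope: only the notAfter date of the first certificate in the handshake
# output is evaluated. s_client carries on when chain or host-name
# verification fails, so "ok" here says nothing about whether the
# certificate is trusted or matches $DOMAIN.
# NOTE(review): OpenSSL releases before 1.1.1 send no SNI unless -servername
# is passed; on such hosts the default virtual host's certificate is what
# gets measured - confirm against the openssl version in use.
#######################################
function check_ssl {
  local protocol=$1
  local port=$2
  # Always a fresh local array: a variable named "extra" inherited from the
  # caller's environment must not end up on the openssl command line.
  local -a extra=()
  local certificate_info issuer not_after expiry_s now_s seconds_left days_left
  local colour='31;1' verdict=FAILURE detail

  case $protocol in
    SMTPS)
      # The submission port starts in clear text; TLS begins after STARTTLS.
      extra=(-starttls smtp -showcerts)
      ;;
  esac

  echo -n "$protocol "

  certificate_info=$(echo | timeout "$TIMEOUT" openssl s_client "${extra[@]}" \
    -connect "$DOMAIN:$port" 2>/dev/null)
  # -f2- keeps the whole issuer even when the name itself contains a colon.
  issuer=$(printf '%s\n' "$certificate_info" \
    | openssl x509 -noout -text 2>/dev/null | grep Issuer: | cut -d: -f2-)
  not_after=$(printf '%s\n' "$certificate_info" \
    | openssl x509 -noout -enddate 2>/dev/null | cut -d'=' -f2)

  if [[ -z $not_after ]]; then
    detail="does not respond "
  elif ! expiry_s=$(date -d "$not_after" +%s 2>/dev/null); then
    # A date that cannot be parsed must not be mistaken for a healthy one.
    detail="issuer:$issuer has an unreadable expiry date "
  else
    now_s=$(date +%s)
    seconds_left=$((expiry_s - now_s))
    days_left=$((seconds_left / 86400))
    if ((days_left > 20)); then
      detail="issuer:$issuer will expire in $days_left days "
      colour='32;1'
      verdict=ok
    elif ((seconds_left > 0)); then
      # Decided on seconds, not whole days: a certificate with less than
      # 24 hours left is still valid and belongs here, not under "expired".
      detail="issuer:$issuer will expire in $days_left days "
      verdict=WARNING
    else
      detail="issuer:$issuer has already expired $((-seconds_left / 86400)) days ago "
    fi
  fi

  if [[ $verdict != ok ]]; then
    ((result += 1))
  fi

  # Detail text, coloured verdict, newline, then colour reset.
  printf '%s\033[%sm%s\n\033[0m' "$detail" "$colour" "$verdict"
}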
# MAIN
# Without a host there is nothing to probe.
if [[ -z "$DOMAIN" ]]; then
  usage
fi

# A protocol may be selected either by name or by its port number.
case $PROTOCOL in
  https | 443)
    check_ssl HTTPS 443
    ;;
  smtps | 587)
    check_ssl SMTPS 587
    ;;
  pop3 | 995)
    check_ssl POP3 995
    ;;
  imap | 993)
    check_ssl IMAP 993
    ;;
  all | ALL)
    # Same four probes, in the same order, as the single-protocol arms above.
    for endpoint in HTTPS:443 SMTPS:587 POP3:995 IMAP:993; do
      check_ssl "${endpoint%%:*}" "${endpoint##*:}"
    done
    ;;
  *)
    usage
    ;;
esac

# Exit status is the number of probes that ended in WARNING or FAILURE.
exit "$result"