provisioning tool for building opinionated architecture
  1. #!/bin/bash
  2. readonly DOMAIN=$1
  3. readonly PROTOCOL=${2:-https}
  4. readonly TIMEOUT=10 # max seconds to wait
  5. result=0
  6. function usage {
  7. echo 'usage: <DOMAIN> [ https | 443 | smtps | 587 | pop3 | 993 | imap | 995 | ALL ]'
  8. exit 1
  9. }
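#######################################
# Connect to DOMAIN on one port, read the certificate the server presents and
# report how long remains before its notAfter date.
# Globals:
#   DOMAIN  (read)    host handed to openssl s_client -connect
#   TIMEOUT (read)    seconds before the s_client attempt is abandoned
#   result  (written) incremented once for every verdict other than "ok"
# Arguments:
#   $1 - protocol label printed in the report; SMTPS selects STARTTLS
#   $2 - TCP port to connect to
# Outputs:
#   One report line on stdout, with ANSI colour around the verdict.
# Limits:
#   Only the expiry date is evaluated. The verification result of s_client is
#   not inspected, so an untrusted chain or a certificate issued for another
#   name still prints "ok". stderr of openssl is discarded, which makes a
#   refused connection and a failed handshake look the same.
#######################################
function check_ssl {
  local protocol=$1
  local port=$2
  # An array keeps each extra option a separate word without relying on
  # unquoted expansion.
  local -a extra=()
  local certificate_info issuer date date_s now_s date_diff

  case $protocol in
    SMTPS)
      # This port starts in plain SMTP; STARTTLS upgrades the session first.
      extra=(-starttls smtp -showcerts)
      ;;
  esac

  echo -n "$protocol "

  # DOMAIN comes from the command line. Quoting it keeps whitespace or glob
  # characters in the value from becoming additional s_client arguments.
  # NOTE(review): no -servername is given, so whether SNI is sent depends on
  # the default of the installed openssl; confirm on hosts that serve several
  # certificates from one address.
  certificate_info=$(echo | timeout "$TIMEOUT" openssl s_client "${extra[@]}" \
    -connect "$DOMAIN:$port" 2>/dev/null)
  issuer=$(printf '%s\n' "$certificate_info" \
    | openssl x509 -noout -text 2>/dev/null | grep Issuer: | cut -d: -f2)
  date=$(printf '%s\n' "$certificate_info" \
    | openssl x509 -noout -enddate 2>/dev/null | cut -d'=' -f2)

  if [[ -z $date ]]; then
    # No certificate could be parsed: nothing to do date arithmetic on.
    echo -n "does not respond "
    echo -ne "\033[31;1m"
    echo FAILURE
    ((result += 1))
  else
    date_s=$(date -d "${date}" +%s)
    now_s=$(date -d now +%s)
    date_diff=$(((date_s - now_s) / 86400))

    # The issuer text is taken from the remote certificate; print it as data.
    printf '%s' "issuer:$issuer "

    # Expiry is decided on seconds. The day count truncates towards zero, so
    # it is 0 both shortly before and shortly after notAfter.
    if ((date_s <= now_s)); then
      echo -n "has already expired $(((now_s - date_s) / 86400)) days ago "
      echo -ne "\033[31;1m"
      echo FAILURE
      ((result += 1))
    elif ((date_diff > 20)); then
      echo -n "will expire in $date_diff days "
      echo -ne "\033[32;1m"
      echo ok
    else
      # Still valid, but 20 days or fewer remain.
      echo -n "will expire in $date_diff days "
      echo -ne "\033[31;1m"
      echo WARNING
      ((result += 1))
    fi
  fi

  echo -ne "\033[0m"
}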
# Entry point: require a domain, run the check(s) selected by PROTOCOL, then
# exit with the number of checks that did not report "ok".
if [[ -z "$DOMAIN" ]]; then
  usage
fi

case "$PROTOCOL" in
  443 | https) check_ssl HTTPS 443 ;;
  587 | smtps) check_ssl SMTPS 587 ;;
  995 | pop3) check_ssl POP3 995 ;;
  993 | imap) check_ssl IMAP 993 ;;
  ALL | all)
    # Same four checks, in the same order as the single selectors above.
    check_ssl HTTPS 443
    check_ssl SMTPS 587
    check_ssl POP3 995
    check_ssl IMAP 993
    ;;
  *) usage ;;
esac

exit "$result"