#!/bin/bash
# Host whose certificates are inspected: first positional argument
# (empty when the script is started without arguments).
DOMAIN=$1
# Service selector: second positional argument, "https" when omitted or empty.
PROTOCOL=${2:-https}
# Maximum number of seconds to wait for one openssl connection.
TIMEOUT=10
readonly DOMAIN PROTOCOL TIMEOUT

# Running count of checks that ended in WARNING or FAILURE.
result=0
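#######################################
# Print the accepted command-line arguments and terminate the script.
# Arguments: none
# Outputs:   one usage line on stderr
# Exits:     255 (the status bash reports for the former `exit -1`)
#######################################
usage() {
  # Each port is listed beside the service name it is paired with in the
  # script's protocol dispatch (pop3 -> 995, imap -> 993); the previous text
  # had the two ports swapped.
  echo 'usage: <DOMAIN> [ https | 443 | smtps | 587 | pop3 | 995 | imap | 993 | ALL ]' >&2
  exit 255
}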
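#######################################
# Report the expiry status of the certificate served for one TLS service.
#
# Only the issuer and notAfter date of the first certificate printed by
# `openssl s_client` are inspected. s_client is started without any
# verification option, so "ok" means "not close to expiry"; it says nothing
# about whether the chain is trusted or the certificate matches DOMAIN.
#
# Globals:
#   DOMAIN  (read)    host to connect to
#   TIMEOUT (read)    seconds before the openssl connection is abandoned
#   result  (written) incremented once for every WARNING or FAILURE
# Arguments:
#   $1 - label printed in the report; "SMTPS" selects STARTTLS for SMTP
#   $2 - TCP port to connect to
# Outputs:
#   one status line on stdout, with ANSI colour around the verdict
#######################################
check_ssl() {
  local protocol=$1
  local port=$2
  local -r warn_days=20 # remaining days at or below which WARNING is raised
  local -a extra=()
  local certificate_info issuer date date_s now_s seconds_left date_diff

  case $protocol in
    SMTPS)
      # Submission port speaks plain SMTP first; upgrade with STARTTLS.
      extra=(-starttls smtp -showcerts)
      ;;
  esac

  printf '%s ' "$protocol"

  # `echo |` gives s_client an immediate EOF so it exits after the handshake.
  certificate_info=$(echo \
    | timeout "$TIMEOUT" openssl s_client "${extra[@]}" -connect "$DOMAIN:$port" 2>/dev/null)

  issuer=$(printf '%s\n' "$certificate_info" \
    | openssl x509 -noout -text 2>/dev/null | grep Issuer: | cut -d: -f2)
  date=$(printf '%s\n' "$certificate_info" \
    | openssl x509 -noout -enddate 2>/dev/null | cut -d'=' -f2)

  if [[ -n $date ]]; then
    # `date -d` is the GNU form; date_s stays empty if the value is not parsed.
    date_s=$(date -d "$date" +%s)
    now_s=$(date +%s)
    if [[ -n $date_s ]]; then
      seconds_left=$(( date_s - now_s ))
      date_diff=$(( seconds_left / 86400 ))
    fi
  fi

  if [[ -z $date ]]; then
    printf 'does not respond '
    printf '\033[31;1m'
    echo FAILURE
    (( result += 1 ))
  elif [[ -z $date_s ]]; then
    # Without a parsed date the arithmetic below would report a bogus expiry.
    printf 'issuer:%s ' "$issuer"
    printf 'has an expiry date that could not be parsed '
    printf '\033[31;1m'
    echo FAILURE
    (( result += 1 ))
  elif (( seconds_left <= 0 )); then
    # Decide on seconds, not on the truncated day count: a certificate with
    # less than 24 hours left has date_diff == 0 but is still valid.
    printf 'issuer:%s ' "$issuer"
    printf 'has already expired %s days ago ' "$(( -date_diff ))"
    printf '\033[31;1m'
    echo FAILURE
    (( result += 1 ))
  elif (( date_diff > warn_days )); then
    printf 'issuer:%s ' "$issuer"
    printf 'will expire in %s days ' "$date_diff"
    printf '\033[32;1m'
    echo ok
  else
    printf 'issuer:%s ' "$issuer"
    printf 'will expire in %s days ' "$date_diff"
    printf '\033[31;1m'
    echo WARNING
    (( result += 1 ))
  fi
  printf '\033[0m'
}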
# MAIN
# A host name is mandatory; usage terminates the script.
if [[ -z "$DOMAIN" ]]; then
  usage
fi

# Translate the selector into "LABEL PORT" pairs, then run them in order.
declare -a targets=()
case $PROTOCOL in
  https | 443)
    targets=("HTTPS 443")
    ;;
  smtps | 587)
    targets=("SMTPS 587")
    ;;
  pop3 | 995)
    targets=("POP3 995")
    ;;
  imap | 993)
    targets=("IMAP 993")
    ;;
  all | ALL)
    targets=("HTTPS 443" "SMTPS 587" "POP3 995" "IMAP 993")
    ;;
  *)
    usage
    ;;
esac

for target in "${targets[@]}"; do
  check_ssl "${target%% *}" "${target##* }"
done

# Exit status is the number of checks that ended in WARNING or FAILURE.
exit "$result"