30 day reminder certificates bash.

Like i said, im stil very new in Unix / Linux. Came up with the following to check for certificates that are gonna expire within 30 days time, it sends a mail to the chosen emailadres if u add it to the crontab.

#!/usr/local/bin/bash
# check certificate and mail output bla.
HOST=`hostname`
DOMAINS=`ls /home/vhosts/*/certificates/*.crt | sed ‘s/\/home\/vhosts\/\(.*\)certificates/\1/g’ | sed s/”\/\/.*”/””/`

for DOMAIN in $DOMAINS
do
CERT=`ls /home/vhosts/$DOMAIN/certificates/*.crt`
for CERTS in $CERT
do
expiry=$(openssl x509 -in $CERTS -noout -enddate | cut -d’=’ -f2 | awk ‘{print $2 ” ” $1 ” ” $4}’)

Expirydate=$(date -j -f “%d %b %Y” “${expiry}” +%s)
Today=$(date +%s)
secondsToExpire=$(echo ${Expirydate} – ${Today} | bc)
daysToExpire=$(echo “${secondsToExpire} / 60 / 60 / 24” | bc)

DAYS=${daysToExpire}

if [ $DAYS -lt 30 ]
then
echo “——- Certificate check ——-” > /tmp/mailcert.txt
echo “$DOMAIN verloopt over $DAYS dagen.” > /tmp/mailcert.txt

/usr/bin/mail -s “Certificaten check $HOST” who@knows.nl < /tmp/mailcert.txt

fi
done
done

Gr gr
Thomas

Leave a Reply

Your email address will not be published. Required fields are marked *