Select Git revision
constantphase.cpp
-
Carl Philipp Klemm authoredCarl Philipp Klemm authored
check-certs 2.10 KiB
#!/bin/bash
# DEFAULTS
WarnDays=60
CritDays=30
workdir=/usr/local/cert
searchfile=cert.pem
ec=0
tmpfile=$( mktemp )
function usage {
echo >&2
echo "$0 [-w <days>] [-c <days>] [-d <dir>] [-f <filename>]" >&2
echo >&2
echo "checks if enddate of certificates in location are critical." >&2
echo >&2
echo "Usage:" >&2
echo " -w <days> day threshold for status WARNING (exitcode=1)" >&2
echo " DEFAULT:$WarnDays" >&2
echo " -c <days> day threshold for status CRITICAL (exitcode=2)" >&2
echo " DEFAULT:$CritDays" >&2
echo " -d <dir> working directory with subdirs" >&2
echo " DEFAULT:$workdir" >&2
echo " -f <filename> filename to find" >&2
echo " DEFAULT:$searchfile" >&2
echo >&2
exit 3
}
# OPTIONS
while getopts "?w:c:d:n:" opt
do
case $opt in
w)
WarnDays=$OPTARG
;;
c)
CritDays=$OPTARG
;;
d)
workdir=$OPTARG
;;
f)
searchfile=$OPTARG
;;
\?)
usage
;;
esac
done
# TABLE HEADER OUTPUT
echo -e "enddate\t\tdays\tstatus\tfile"
# WORKING CHECKS
(
for cert in $( find $workdir -name $searchfile )
do
enddate=$(date -d "$(openssl x509 -in $cert -enddate -nocert | sed 's/notAfter=//g')" +%F)
let datediff=($(date -d$enddate +%s)-$(date +%s))/86400
if [ $datediff -gt $WarnDays ]
then
status="[OK]"
elif [ $datediff -gt $CritDays ]
then
status="[WARN]"
[ $ec -lt 1 ] && ec=1
else
status="[CRIT]"
[ $ec -lt 2 ] && ec=2
fi
echo -e "$enddate\t$datediff\t$status\t$cert"
done
echo $ec > $tmpfile
) | sort
ec=$( cat $tmpfile )
rm $tmpfile
exit $ec