-
-
Save Sean-Bradley/7826495e54f52865dd1d0af14a6570ea to your computer and use it in GitHub Desktop.
| data=`echo | openssl s_client -servername $1 -connect $1:443 2>/dev/null | openssl x509 -noout -enddate | sed -e 's#notAfter=##'` | |
| ssldate=`date -d "${data}" '+%s'` | |
| nowdate=`date '+%s'` | |
| diff="$((${ssldate}-${nowdate}))" | |
| echo $((${diff}/86400)) |
We added support for a second parameter "PORT".
By default without specifying a port is uses 443.
If you use a key: checkssl.sh[costlogic.adm.swri.edu,7002]
It will test using port 7002.Looks like it works all around.. If you see any issues it can be reverted by removing the IF statement and replacing $PORT with 443.
[root@zabbix-svr ~]# cat /usr/share/zabbix/externalscripts/checkssl.sh
#!/bin/bash
if [ -z $2 ] ; then
PORT=443
else
PORT=$2
fi
data=echo | openssl s_client -servername $1 -connect $1:$PORT 2>/dev/null | openssl x509 -noout -enddate | sed -e 's#notAfter=##'ssldate=
date -d "${data}" '+%s'
nowdate=date '+%s'
diff="$((${ssldate}-${nowdate}))"echo
$(($ {diff}/86400))This could be something you want to include in your script for future use. It may not be as clean but it works.
Thanks
missing or " " on data, ssldate & nowdate.
Thanks, works like a charm.
Particularly useful if we have some protected hosts and public check of SSL expiration is not possible. Script is doing it locally on own host, nice.
All the best
Thats a useful addition, thanks.