aequitas · September 23, 2016 11:48
diff --git a/ssl-expire b/ssl-expire
 #!/bin/bash

 # based on: https://github.com/skylime/mi-core-base/blob/master/copy/opt/core/bin/ssl-expire.sh

 domains=${*:?}
 today_unixtime=$(date +%s)
 trigger_unixtime=$(date +%s -d "+31 days")

 for domain in ${domains}; do

    crt="${TMPDIR:-/tmp}/$(mktemp cert-XXXXX)"
    echo | openssl s_client -connect "${domain}:443" 2>/dev/null > "$crt"
    if [[ $? -ne 0 ]];then
        error[${#error[*]}]="$domain"
        rm "$crt"
        continue
    fi
    subject=$(openssl x509 -in "${crt}" -subject -noout | sed 's:.*/CN=\(.*\)$:\1:g')
    expire_unixtime=$(date --date="$(openssl x509 -in "${crt}" -enddate -noout | cut -d= -f 2)" +%s)
    rm "$crt"
    expire_datetime=$(date +"%Y-%m-%d" -d "@${expire_unixtime}")

    # expired
    if [ "${today_unixtime}" -gt "${expire_unixtime}" ]; then
        critical[${#critical[*]}]="${expire_datetime}: ${subject} ($domain)"
    # expire during trigger unixtime
    elif [[ ${expire_unixtime} -lt ${trigger_unixtime} && ${expire_unixtime} -gt ${today_unixtime} ]]; then
        warning[${#warning[*]}]="${expire_datetime}: ${subject} ($domain)"
    fi
 done

 # Output
 if [[ "${error[0]}" ]]; then
    echo "ERRORED: "
    (for c in "${error[@]}"; do
        echo " ${c}"
    done) | sort -M -k 2
 fi

 if [[ "${critical[0]}" ]]; then
    echo "EXPIRED: "
    (for c in "${critical[@]}"; do
        echo " ${c}"
    done) | sort -M -k 2
 fi

 if [[ "${warning[0]}" ]]; then
    echo "EXPIRE SOON: "
    (for w in "${warning[@]}"; do
        echo " ${w}"
    done) | sort -M -k 2
 fi
	#!/bin/bash

	# based on: https://github.com/skylime/mi-core-base/blob/master/copy/opt/core/bin/ssl-expire.sh

	domains=${*:?}
	today_unixtime=$(date +%s)
	trigger_unixtime=$(date +%s -d "+31 days")

	for domain in ${domains}; do

	crt="${TMPDIR:-/tmp}/$(mktemp cert-XXXXX)"
	echo \| openssl s_client -connect "${domain}:443" 2>/dev/null > "$crt"
	if [[ $? -ne 0 ]];then
	error[${#error[*]}]="$domain"
	rm "$crt"
	continue
	fi
	subject=$(openssl x509 -in "${crt}" -subject -noout \| sed 's:./CN=\(.\)$:\1:g')
	expire_unixtime=$(date --date="$(openssl x509 -in "${crt}" -enddate -noout \| cut -d= -f 2)" +%s)
	rm "$crt"
	expire_datetime=$(date +"%Y-%m-%d" -d "@${expire_unixtime}")

	# expired
	if [ "${today_unixtime}" -gt "${expire_unixtime}" ]; then
	critical[${#critical[*]}]="${expire_datetime}: ${subject} ($domain)"
	# expire during trigger unixtime
	elif [[ ${expire_unixtime} -lt ${trigger_unixtime} && ${expire_unixtime} -gt ${today_unixtime} ]]; then
	warning[${#warning[*]}]="${expire_datetime}: ${subject} ($domain)"
	fi
	done

	# Output
	if [[ "${error[0]}" ]]; then
	echo "ERRORED: "
	(for c in "${error[@]}"; do
	echo " ${c}"
	done) \| sort -M -k 2
	fi

	if [[ "${critical[0]}" ]]; then
	echo "EXPIRED: "
	(for c in "${critical[@]}"; do
	echo " ${c}"
	done) \| sort -M -k 2
	fi

	if [[ "${warning[0]}" ]]; then
	echo "EXPIRE SOON: "
	(for w in "${warning[@]}"; do
	echo " ${w}"
	done) \| sort -M -k 2
	fi