Created
March 3, 2016 17:16
-
-
Save tobozo/0254929381fb4b65dffd to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!doctype html> | |
| <html> | |
| <head> | |
| <meta charset="utf-8"> | |
| <style type="text/css"> | |
| label > input { | |
| opacity:0; | |
| width:1px; | |
| height:1px; | |
| overflow: hidden; | |
| display: inline-block; | |
| line-height:0; | |
| border:0; | |
| padding:0; | |
| margin:0; | |
| } | |
| input ~ span ~ pre { | |
| display: none; | |
| } | |
| input:checked ~ span ~ pre { | |
| display: block; | |
| } | |
| </style> | |
| </head> | |
| <body> | |
| <?php | |
| if(!function_exists("stream_context_get_params")) { | |
| function stream_context_get_params($stream_or_context) { | |
| return array("options"=>stream_context_get_options($stream_or_context)); | |
| } | |
| } | |
| $domains = array( | |
| 'microsoft.com', | |
| 'yahoo.com', | |
| 'letsencrypt.org' | |
| ); | |
| $notifyEmail = 'your.personal.email@your-mailbox-provider'; | |
| foreach($domains as $domain) { | |
| certinfo($domain); | |
| } | |
| function certinfo($domain) { | |
| $certinfo = array(); | |
| ob_start(); // capture PHP warning/errors | |
| $url = "https://".$domain; | |
| $orignal_parse = parse_url($url, PHP_URL_HOST); | |
| $get = stream_context_create(array("ssl" => array("capture_peer_cert" => TRUE))); | |
| $read = stream_socket_client("ssl://".$orignal_parse.":443", $errno, $errstr, 30, STREAM_CLIENT_CONNECT, $get); | |
| $cert = stream_context_get_params($read); | |
| $certinfo = openssl_x509_parse($cert['options']['ssl']['peer_certificate']); | |
| $contents = ob_get_contents(); | |
| ob_end_clean(); | |
| echo "<label><input type=checkbox /><span>[+]</span><pre>".print_r($certinfo, 1)."</pre></label>"; | |
| if($contents!='' || !isset($certinfo['validTo_time_t'])) { | |
| $msg = "[ERROR]: could not retrieve Expiration date for $domain"; | |
| echo "$msg<br />"; | |
| mail($notifyEmail, $msg, $msg); | |
| } else { | |
| $delta = $certinfo['validTo_time_t'] - time(); | |
| $lifetime = floor( ($certinfo['validTo_time_t'] - $certinfo['validFrom_time_t']) / 60 / 60 / 24); | |
| if( $delta > 0 ) { | |
| // not (yet) expired | |
| $days = floor($delta / 60 / 60 / 24); | |
| $hours = floor( ($delta - ($days*60*60*24)) / 60 / 60); | |
| $minutes = floor( ($delta-($days*60*60*24)-($hours*60*60)) / 60); | |
| $seconds = floor($delta-($days*60*60*24)-($hours*60*60)-($minutes*60)); | |
| $notify = false; | |
| switch(true) { | |
| case $days <= 1: | |
| $msg = "[WARNING] $lifetime Cert for $domain (lifetime: $lifetime days) will expire today!!!"; | |
| echo "$msg<br />"; | |
| $notify = true; | |
| break; | |
| case $days<10: | |
| $msg = "[WARNING] $lifetime Cert for $domain (lifetime: $lifetime days) will expire in $days days!!!"; | |
| echo "$msg<br />"; | |
| $notify = true; | |
| break; | |
| case $days==10: | |
| case $days==15: | |
| case $days==30: | |
| $msg = "[WARNING] Cert for $domain (lifetime: $lifetime days) will expire in $days days!!!"; | |
| echo "$msg<br />"; | |
| $notify = true; | |
| break; | |
| default: | |
| $msg = sprintf("[SUCCESS] TLS certificate for %s (lifetime: %s days ) will expire in: %s days %02dh %02dm %02ds", | |
| $domain, | |
| $lifetime, | |
| $days, | |
| $hours, | |
| $minutes, | |
| $seconds | |
| ); | |
| echo "$msg<br />"; | |
| } | |
| if($notify) { | |
| mail($notifyEmail $msg, $msg); | |
| } | |
| } else { | |
| // has expired !!! | |
| $msg = "[WARNING} Cert for $domain (lifetime: $lifetime days) has expired! Please renew ASAP..."; | |
| mail($notifyEmail, $msg, $msg); | |
| echo "$msg<br />"; | |
| // TODO : spam emergency channel | |
| } | |
| } | |
| } | |
| ?></body> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment