Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #########################################################################################################################
- #########################################################################################################################
- <#
- Description:
- This script will take a list of HTTPS URLs and check it's certificate for an expiration date.
- It will send out an HTML table report with highlited "EXPIRED", "ABOUT TO EXPIRE" and "ERROR"
- status messages according to a pre-defined threashold.
- Usage:
- Edit the mail server credentials and "minimumCertAgeDays" variable further down.
- Run the script normally.
- Troubleshooting:
- If you get an error message like: 'Cannot convert value “21/08/2015 23:59:59″ to type “System.DateTime”',
- remove lines 184-183.
- Credit:
- Coloring tabs:
- http://community.spiceworks.com/scripts/show/2450-change-cell-color-in-html-table-with-powershell-set-cellcolor
- Getting SSL cert expiration dates with PS:
- https://iamoffthebus.wordpress.com/2014/02/04/powershell-to-get-remote-websites-ssl-certificate-expiration/
- Gil Falkovitch for combining everything into a report.
- #>
- #########################################################################################################################
- #########################################################################################################################
- Function Set-CellColor
- {
- [CmdletBinding()]
- Param (
- [Parameter(Mandatory,Position=0)]
- [string]$Property,
- [Parameter(Mandatory,Position=1)]
- [string]$Color,
- [Parameter(Mandatory,ValueFromPipeline)]
- [Object[]]$InputObject,
- [Parameter(Mandatory)]
- [string]$Filter,
- [switch]$Row
- )
- Begin {
- Write-Verbose "$(Get-Date): Function Set-CellColor begins"
- If ($Filter)
- { If ($Filter.ToUpper().IndexOf($Property.ToUpper()) -ge 0)
- { $Filter = $Filter.ToUpper().Replace($Property.ToUpper(),"`$Value")
- Try {
- [scriptblock]$Filter = [scriptblock]::Create($Filter)
- }
- Catch {
- Write-Warning "$(Get-Date): ""$Filter"" caused an error, stopping script!"
- Write-Warning $Error[0]
- Exit
- }
- }
- Else
- { Write-Warning "Could not locate $Property in the Filter, which is required. Filter: $Filter"
- Exit
- }
- }
- }
- Process {
- ForEach ($Line in $InputObject)
- { If ($Line.IndexOf("<tr><th") -ge 0)
- { Write-Verbose "$(Get-Date): Processing headers..."
- $Search = $Line | Select-String -Pattern '<th ?[a-z\-:;"=]*>(.*?)<\/th>' -AllMatches
- $Index = 0
- ForEach ($Match in $Search.Matches)
- { If ($Match.Groups[1].Value -eq $Property)
- { Break
- }
- $Index ++
- }
- If ($Index -eq $Search.Matches.Count)
- { Write-Warning "$(Get-Date): Unable to locate property: $Property in table header"
- Exit
- }
- Write-Verbose "$(Get-Date): $Property column found at index: $Index"
- }
- If ($Line -match "<tr( style=""background-color:.+?"")?><td")
- { $Search = $Line | Select-String -Pattern '<td ?[a-z\-:;"=]*>(.*?)<\/td>' -AllMatches
- $Value = $Search.Matches[$Index].Groups[1].Value -as [double]
- If (-not $Value)
- { $Value = $Search.Matches[$Index].Groups[1].Value
- }
- If (Invoke-Command $Filter)
- { If ($Row)
- { Write-Verbose "$(Get-Date): Criteria met! Changing row to $Color..."
- If ($Line -match "<tr style=""background-color:(.+?)"">")
- { $Line = $Line -replace "<tr style=""background-color:$($Matches[1])","<tr style=""background-color:$Color"
- }
- Else
- { $Line = $Line.Replace("<tr>","<tr style=""background-color:$Color"">")
- }
- }
- Else
- { Write-Verbose "$(Get-Date): Criteria met! Changing cell to $Color..."
- $Line = $Line.Replace($Search.Matches[$Index].Value,"<td style=""background-color:$Color"">$Value</td>")
- }
- }
- }
- Write-Output $Line
- }
- }
- End {
- Write-Verbose "$(Get-Date): Function Set-CellColor completed"
- }
- }
- Function sendemail($subject,$body,$recipients,$smtpUsername,$smtpPassword,$smtpServer,$fromAddress,$useCredentials,$useSSL,$port){
- $secpasswd = ConvertTo-SecureString “$smtpPassword” -AsPlainText -Force
- $mycreds = New-Object System.Management.Automation.PSCredential (“$smtpUsername”, $secpasswd)
- if ($useCredentials){
- if ($useSSL){
- Send-MailMessage -To "$recipients" -SmtpServer "$smtpServer" -Credential $mycreds -UseSsl -subject "$subject" -Port "587" -Body "$body" -From "$fromAddress" -BodyAsHtml
- }
- else{
- Send-MailMessage -To "$recipients" -SmtpServer "$smtpServer" -Credential $mycreds -subject "$subject" -Port "587" -Body "$body" -From "$fromAddress" -BodyAsHtml
- }
- }
- else{
- Send-MailMessage -To "$recipients" -SmtpServer "$smtpServer" -subject "$subject" -Port "587" -Body "$body" -From "$fromAddress" -BodyAsHtml
- }
- }
- function checkURL($url){
- try {
- $stuff = "" | select URL,ExpirationDate, DaysLeft, StatusCode, Status
- $stuff.URL = $url
- $req = [Net.HttpWebRequest]::Create($url)
- $req.Timeout = $timeoutMilliseconds
- $res = $req.GetResponse()
- $stuff.statuscode = [int]$res.statuscode
- $expiration = $req.ServicePoint.Certificate.GetExpirationDateString()
- $a = $expiration
- #$expiration=[DateTime]$expiration
- $expiration
- #$a = $a.Replace(' AM','')
- #$a = $a.Replace(' PM','')
- $d = [datetime]::ParseExact($a, 'M/d/yyyy h:mm:s tt', $null)
- $expiration = $d
- $stuff.ExpirationDate = $expiration
- [int]$certExpiresIn = ($expiration - $(get-date)).Days
- $stuff.DaysLeft = $certExpiresIn
- if ($certExpiresIn -gt $minimumCertAgeDays){
- Write-Host Cert for site $url expires in $certExpiresIn days [on $expiration] -f Green
- $stuff.status = "VALID"
- }
- else
- {
- if ( $certExpiresIn -le $minimumCertAgeDays -and $certExpiresIn -ge 1 ) {
- $stuff.status = "ABOUT TO EXPIRE!"
- }
- else{
- $stuff.status = "EXPIRED!"
- }
- }
- $global:certs += $stuff
- rv expiration
- rv certExpiresIn
- #rv a
- #rv d
- rv req
- }
- catch {
- Write-host $_
- if ( ( $_ | Select-String "Not Found") -ne $null ){
- $certError = $true
- $stuff.Status = "ERROR!"
- $stuff.statuscode = 404
- $global:certs+= $stuff
- }
- if ( ( $_ | Select-String "Forbidden") -ne $null ){
- $certError = $true
- $stuff.Status = "ERROR!"
- $stuff.statuscode = 403
- $global:certs+= $stuff
- }
- # rv expiration
- #rv certExpiresIn
- #rv req
- }
- }
- ####################################################################################################
- ##################################EDIT THESE########################################################
- $useCredentials = $true
- $useSSL = $true
- $smtpUsername = “AKIAJFP2TLXVFCGUSTYQ”
- $smtpPassword = “AmriFemd2WlilqWI7g2p2bepvq+Z09pp+S3TLlgS6Uom”
- $smtpServer = "email-smtp.eu-west-1.amazonaws.com"
- $fromAddress = "SSL Report <sslreport@nayax.com>"
- $recipients = "admin@nayax.com"
- $port = "587"
- $minimumCertAgeDays = 30
- $timeoutMilliseconds = 10000
- $urls = @("https://jira.nayax.net:8061","https://jira.nayax.net:8081","https://jira.nayax.net:8091","https://nayaxvend.com","https://my.nayax.com",
- "https://beta.nayax.net", "https://m.nayax.net", "https://prepaid.nayax.com","https://gitlab.nayax.net","https://bi.nayax.com/QvAjaxZfc/QvsStatus.aspx",
- "https://api.pay.nayax.net/sslcheck.html", "https://static.nayax.com/logo/dually-logo_50.png","https://beta.nayax.net","https://prepaid.nayax.com" )
- ##################################EDIT THESE########################################################
- ####################################################################################################
- $Header = @"
- <style>
- TABLE {border-width: 1px;border-style: solid;border-color: black;border-collapse: collapse;}
- TH {border-width: 1px;padding: 3px;border-style: solid;border-color: black;background-color: #6495ED;}
- TD {border-width: 1px;padding: 3px;border-style: solid;border-color: black;}
- </style>
- <title>
- Title of my Report
- </title>
- "@
- $certs = @()
- #disabling the cert validation check. This is what makes this whole thing work with invalid certs...
- #[Net.ServicePointManager]::ServerCertificateValidationCallback = {$true}
- foreach ($url in $urls) { checkURL $url }
- $statusError = $false
- $statusExpired = $false
- $StatusAboutToExpire = $false
- $sub = "SUCCESS: All certs are VALID!"
- foreach ( $stat in $certs.status ){
- switch ($stat){
- "ERROR!" { $sub = "CRITICAL: Unable to determine some certs!";
- $statusError = $true
- ;break; }
- "EXPIRED!" { $sub = "CRITICAL: Some certs EXPIRED!";
- $statusExpired = $true
- break; }
- "ABOUT TO EXPIRE!" { $sub = "WARNING: Some certs are about to EXPIRE!";
- $StatusAboutToExpire = $true
- break; }
- }
- }
- $bod = $certs | ConvertTo-Html -Head $Header -Body "<h1>Certificate Report</h1>" -PostContent "Threshold: $minimumCertAgeDays days" | Set-CellColor -Property Status -color green -filter "status -eq 'VALID'"
- if ($statusAboutToExpire){ $bod = $bod | Set-CellColor -Property status -color yellow -filter "status -eq 'ABOUT TO EXPIRE!'" }
- if ($statusError){$bod = $bod | Set-CellColor -Property status -color red -filter "status -eq 'ERROR!'" }
- if ($statusExpired){$bod = $bod | Set-CellColor -Row -Property status -color red -filter "status -eq EXPIRED!'" }
- Write-Host "Sending report..." -f green
- sendemail "$sub" "$bod" "$recipients" "$smtpUsername" "$smtpPassword" "$smtpServer" "$fromAddress" $useCredentials $useSSL "$port"
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement