Generate .ics iCal event for TLS Certificate Expiration

1. #!/usr/bin/env python
2.  
3. import sys
4. from datetime import datetime,timedelta
5. import pytz
6. import uuid
7. try:
8.     from OpenSSL import crypto
9. except:
10.     print ("Do you have pyOpenSSL? Try 'pip install pyOpenSSL'.")
11.     exit(1)
12. try:
13.     from icalendar import Calendar,Event,Alarm
14. except:
15.     print ("Do you have Python icalendar installed? Try 'pip install icalendar'.")
16.     exit(1)
17.  
18. class InvalidCertificateException(Exception):
19.     pass
20.    
21.  
22. class CertificateExpiration(Calendar):
23.     PRODID='-//Certificate expiration tracker'
24.     VERSION="2.0"
25.    
26.     def __init__(self,certfile,local_tz_str,email_addr):
27.         super(self.__class__, self).__init__()
28.         try:
29.             cert=crypto.load_certificate(crypto.FILETYPE_PEM, file(certfile).read())
30.         except crypto.Error:
31.             print("Error loading certificate file: %s" % certfile)
32.             raise InvalidCertificateException()
33.            
34.         commonName=str(cert.get_subject().commonName)
35.         expires_datetime=pytz.utc.localize(datetime.strptime(cert.get_notAfter(),"%Y%m%d%H%M%SZ"))
36.         local_tz=pytz.timezone(local_tz_str)
37.         local_expires=expires_datetime.astimezone(local_tz)
38.        
39.         self.expires=local_expires.date()
40.         nextday=self.expires+timedelta(days=1)
41.         self.add('prodid',self.PRODID)
42.         self.add('version',self.VERSION)
43.        
44.         event=Event()
45.         event.add('summary', ("Certificate Expiration: %s" % commonName))
46.         event.add('dtstart',self.expires)
47.         event.add('dtend',nextday)
48.         event.add('uid',uuid.uuid4())
49.         event.add('dtstamp',datetime.now())
50.        
51.        
52.         #Human readable time string with time zone (reflecting daylight savings time)
53.         #to add to calendar event description
54.  
55.         local_expires_str=local_expires.strftime("%Y-%m-%d, %-I:%M %p %Z")
56.         description="TLS Certificate CN: %s\r\n" % commonName
57.         description+="expires on: %s\r\n" % local_expires_str
58.         event.add('Description',description)
59.        
60.         #Email alarms are considered unsafe and are removed by Calendar.app
61.         # emailAlarm=Alarm()
62.         # emailAlarm.add('trigger',timedelta(days=-30))
63.         # emailAlarm.add('action','EMAIL')
64.         # emailAlarm.add('attendee',email_addr)
65.         # emailAlarm.add('summary',"Certificate expires in 30 days: %s" % commonName)
66.         # emailAlarm.add('description',"This is a reminder that the TLS certificate for %s expires on: %s" % (commonName,local_expires_str))
67.         # emailAlarm.add('uid',uuid.uuid4())
68.         # event.add_component(emailAlarm)
69.  
70.         displayAlarm=Alarm()
71.         #this ends up being 7 days, since the "all day" event starts at T-1day
72.         displayAlarm.add('trigger',timedelta(days=-6))
73.         displayAlarm.add('description','Certificate expires in 7 days: %s' % commonName)
74.         displayAlarm.add('action','DISPLAY')
75.         displayAlarm.add('uid',uuid.uuid4())
76.         event.add_component(displayAlarm)
77.         self.add_component(event)
78.         print self
79.    
80.     def display(self):
81.         return self.to_ical() #.replace('\r\n','\n').strip()
82.    
83.     def write(self,filename):
84.         open(filename,"wb").write(self.to_ical()    )
85.  
86.  
87. def main(cert_filename,local_tz_str,ics_filename,email_addr):
88.     try:
89.         cert_expiration=CertificateExpiration(cert_filename,local_tz_str,email_addr)
90.     except InvalidCertificateException:
91.         exit(1)
92.     cert_expiration.write(ics_filename)
93.    
94. if __name__ == '__main__':
95.     tz_str="America/Los_Angeles"
96.     certfile=sys.argv[1]
97.     email_addr=sys.argv[2]
98.     main(certfile,tz_str,"./Cert Expiration.ics",email_addr)