Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- import socket
- import ssl, boto3
- import re,sys,os,datetime
- def ssl_expiry_date(domainname='xxx.xxx.xxx.xxx'):
- ssl_date_fmt = r'%b %d %H:%M:%S %Y %Z'
- context = ssl.create_default_context()
- conn = context.wrap_socket(
- socket.socket(socket.AF_INET),
- server_hostname=domainname,
- )
- # 3 second timeout because Lambda has runtime limitations
- conn.settimeout(3.0)
- conn.connect((domainname, 443))
- ssl_info = conn.getpeercert()
- return datetime.datetime.strptime(ssl_info['notAfter'], ssl_date_fmt).date()
- def ssl_valid_time_remaining(domainname='xxx.xxx.xxx.xxx'):
- """Number of days left."""
- expires = ssl_expiry_date(domainname='xxx.xxx.xxx.xxx')
- return expires - datetime.datetime.utcnow().date()
- def sns_Alert(dName, eDays, sslStatus):
- sslStat = dName + ' SSL certificate will be expired in ' + eDays +' days!! '
- snsSub = dName + ' SSL Certificate Expiry ' + sslStatus + ' alert'
- print(sslStat)
- print (snsSub)
- response = client.publish(
- TargetArn="arn:aws:sns:us-west-2:1111111111:cert_check",
- Message= sslStat,
- Subject= snsSub
- )
- #####Main Section
- client = boto3.client('sns')
- def lambda_handler(event, context):
- f = ['xxx.xxx.xxx.xxx']
- for dName in f:
- expDate = ssl_valid_time_remaining(dName.strip())
- (a, b) = str(expDate).split(',')
- (c, d) = a.split(' ')
- if int(c) < 40:
- sns_Alert(dName, str(c), 'Critical')
- elif int(c) == 60:
- sns_Alert(dName, str(c), 'Warning')
- elif int(c) == 90:
- sns_Alert(dName, str(c), 'Warning')
- else:
- number = '+1777777'
- sns.publish(PhoneNumber = number, Message='cert checker failed' )
- exit()
- ########## ERROR ###########
- {
- "errorMessage": "[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:749)",
- "errorType": "SSLError",
- "stackTrace": [
- [
- "/var/task/lambda_function.py",
- 40,
- "lambda_handler",
- "expDate = ssl_valid_time_remaining(dName.strip())"
- ],
- [
- "/var/task/lambda_function.py",
- 20,
- "ssl_valid_time_remaining",
- "expires = ssl_expiry_date(domainname='35.167.132.157')"
- ],
- [
- "/var/task/lambda_function.py",
- 14,
- "ssl_expiry_date",
- "conn.connect((domainname, 443))"
- ],
- [
- "/var/lang/lib/python3.6/ssl.py",
- 1093,
- "connect",
- "self._real_connect(addr, False)"
- ],
- [
- "/var/lang/lib/python3.6/ssl.py",
- 1084,
- "_real_connect",
- "self.do_handshake()"
- ],
- [
- "/var/lang/lib/python3.6/ssl.py",
- 1061,
- "do_handshake",
- "self._sslobj.do_handshake()"
- ],
- [
- "/var/lang/lib/python3.6/ssl.py",
- 683,
- "do_handshake",
- "self._sslobj.do_handshake()"
- ]
- ]
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
