API tools faq
paste
Guest User

Untitled

a guest
Nov 24th, 2018
188
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.21 KB | None | 0 0
raw download clone embed print report
  1. ######################################################
  2. # List certificates, find if a cert is expired.
  3. # Requirements for sending emails: postfix, mailutils
  4. #
  5. # 15-12-2015
  6. # Julian Capilla
  7. # lyhan_jr@hotmail.com
  8. ######################################################
  9.  
  10. #!/bin/bash
  11. pass="changeit"
  12. cacerts="$1"
  13. alias="$2"
  14. to="$3"
  15.  
  16. if [ ! "$cacerts" ];then echo "Please enter cacerts file path" && exit;fi
  17.  
  18. if [ "$alias" = "--help" ] || [ "$cacerts" = "--help" ];then
  19.  
  20. echo "Read cacert file and print expiration time of certificates"
  21. echo ""
  22. echo "$(basename $0) {cacerts file} {alias | option} {optional email}"
  23. echo "Example: $(basename $0) cacerts alias test@email.com,test2@email.com"
  24. echo "Options:"
  25. echo -e "\t-P\t\tPrints all aliases in cacerts file."
  26. echo -e "\t--all\t\tCheck all the certificates."
  27. echo -e "\t--help\t\tPrint this help."
  28. echo ""
  29. exit 0
  30. fi
  31.  
  32. if [ ! "$alias" ];then echo "Please enter alias or valid option" && exit;fi
  33. if [ ! -f $cacerts ];then echo "$cacerts is not a valid file." && exit 1;fi
  34. if [ "$2" = "-P" ]
  35. then
  36. # List aliases
  37. keytool -list -keystore $cacerts -storepass $pass | grep -v Certificate | cut -d, -f 1 -
  38. elif [ "$2" = "--all" ];then
  39. for a in $(./"$0" $cacerts -P);do
  40. out="$(./"$0" $cacerts "$a" $to | egrep 'Valid|Expired')"
  41. if [ "$out" ];then echo -e $out"\t[$a]";fi
  42. done
  43. else
  44. # Check dates
  45. output="$(keytool -list -v -alias $2 -keystore $cacerts -storepass $pass | grep Valid)"
  46. if [ ! "$output" ];then echo "Certificate alias not found." && exit 0;fi
  47. from="$(echo $output | awk -F'from:' '{print $2$3}'| cut -c -30)"
  48. until="$(echo $output | awk -F'until:' '{print $2$3}'| cut -c -30)"
  49. # Check if email and send email if cert is about to expire in less than 30 days
  50. if [ $to ];then
  51. edate="$(date --date="$until" "+%Y%m%d")"
  52. ndate="$(date "+%Y%m%d")"
  53. time="$(echo $edate - $ndate | bc)"
  54. if [ $time -lt 30 ];then echo "Please renew certificate in '$cacerts'. Certificate '$alias' expires $until" | mail -s "Certificate about to expire in $(hostname)" $to ;fi
  55. fi
  56. if [ $(date +%Y%m%d) -lt $(date --date="$until" "+%Y%m%d") ];then echo "Valid until: $until";else echo Expired: $until;fi
  57. fi
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!