check_ssl_cert.sh - Issue 29792596: #3298 - SSL monitoring script for icinga

Keyboard Shortcuts

	File
u :	up to issue
m :	publish + mail comments
M :	edit review message
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line
<Enter> :	respond to / edit current comment
d :	mark current comment as done

	Issue
u :	up to list of issues
m :	publish + mail comments
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue
# :	close issue

	Comment/message editing
<Ctrl> + s or <Ctrl> + Enter :	save comment
<Esc> :	cancel edit

Delta Between Two Patch Sets: check_ssl_cert.sh

Issue 29792596: #3298 - SSL monitoring script for icinga (Closed)

Left Patch Set: Created May 28, 2018, 2:54 p.m.

Right Patch Set: #3298 - SSL monitoring script for icinga Created July 4, 2018, 2:33 p.m.

Left:
Right:

Use n/p to move between diff chunks; N/P to move between comments.

Jump to:

Left: Side by side diff | Download
Right: Side by side diff | Download

LEFT	RIGHT
1 #!/bin/sh	1 #!/bin/sh

2	2

3 # Icinga plugin that checks how many days are left until SSL certificate expires	3 # Icinga plugin that checks how many days are left

4 # Usage: <PluginDir>/check_ssl_cert -H <HOSTNAME> -P <PORT> -c <CRITICAL> -w <WA RNING>	4 # until SSL certificate expires.

	5 # Usage:

	6 # $PLUGIN_DIR/check_ssl_cert.sh -H $HOST -P $PORT -c $CRITICAL -w $WARNING

5	7

6 PATH="/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin"	8 get_ssl_expiry_date() {

7 export PATH	9 openssl s_client -connect "$1:$2" </dev/null 2>/dev/null \

8 PROGNAME=`basename $0`	10 \| openssl x509 -noout -enddate 2>/dev/null

9 PROGPATH=`echo $0 \| sed -e 's,[\\/][^\\/][^\\/]*$,,'`	11 }

10

11 . $PROGPATH/utils.sh

12	12

13 CURRENT_DATE=`date +%y%m%d`	13 CURRENT_DATE=`date +%y%m%d`

14 HOST=$2	14 HOST="$2"

15 PORT=$4	15 PORT="$4"

16 CRITICAL=$6	16 CRITICAL="$6"

17 WARNING=$8	17 WARNING="$8"

	18 STATE_OK=0

	19 STATE_WARNING=1

	20 STATE_CRITICAL=2

	21 STATE_UNKNOWN=3

	22 OUTPUT=`get_ssl_expiry_date "$HOST" "$PORT"`

18	23

19 DAY=`echo \| openssl s_client -connect "$HOST":$PORT 2>/dev/null \| openssl x509 - noout -enddate 2>/dev/null \| awk '{print $2}'`	24 if [ -z "$OUTPUT" ]

20

21 if [ ! $DAY ]

22 then	25 then

23 echo "UNKNOWN - Could not connect to $HOST via port $PORT"	26 echo "UNKNOWN - Could not connect to $HOST via port $PORT"

24 exit $STATE_UNKNOWN	27 exit "$STATE_UNKNOWN"

25 fi	28 fi

26	29

27 MONTH=`echo \| openssl s_client -connect "$HOST":$PORT 2>/dev/null \| openssl x509 -noout -enddate \| awk '{print $1}'`	30 DAY=`echo "$OUTPUT" \| awk '{printf "02d", $2}'`

28 MONTH=`echo ${MONTH#*=}`	31 MONTH=`echo "$OUTPUT" \| awk '{print $1}' \| cut -c 10-`

29 YEAR=`echo \| openssl s_client -connect "$HOST":$PORT 2>/dev/null \| openssl x509 -noout -enddate \| awk '{print $4}'`	32 YEAR=`echo "$OUTPUT" \| awk '{print $4}'`

30	33

31 case $MONTH in	34 case "$MONTH" in

	35

32 "Jan")	36 "Jan")

33 MONTH="01"	37 MONTH="01"

34 ;;	38 ;;

35 "Feb")	39 "Feb")

36 MONTH="02"	40 MONTH="02"

37 ;;	41 ;;

38 "Mar")	42 "Mar")

39 MONTH="03"	43 MONTH="03"

40 ;;	44 ;;

41 "Apr")	45 "Apr")

(...skipping 17 matching lines...) Expand all Loading...
59 "Oct")	63 "Oct")

60 MONTH="10"	64 MONTH="10"

61 ;;	65 ;;

62 "Nov")	66 "Nov")

63 MONTH="11"	67 MONTH="11"

64 ;;	68 ;;

65 "Dec")	69 "Dec")

66 MONTH="12"	70 MONTH="12"

67 ;;	71 ;;

68 "*")	72 "*")

	73 echo "An error occured"

	74 exit 1

	75 ;;

69 esac	76 esac

70	77

71 DIFF=$(( ($(date --date="$YEAR$MONTH$DAY" +%s) - $(date --date="$CURRENT_DATE" + %s) )/(606024) ))	78 EXPIRY_DATE_IN_SEC=`date -d "${YEAR}${MONTH}${DAY}" +%s`

	79 CURRENT_DATE_IN_SEC=`date -d "$CURRENT_DATE" +%s`

	80 DIFFERENCE=`expr $ "$EXPIRY_DATE_IN_SEC" - "$CURRENT_DATE_IN_SEC" $ / 86400`

72	81

73 if [ $DIFF -le $CRITICAL ]	82 if [ "$DIFFERENCE" -le "$CRITICAL" ]

74 then	83 then

75 echo "CRITICAL - $HOST: SSL certificate has been expired!"	84 echo "CRITICAL - $HOST: SSL certificate has been expired!"

76 exit $STATE_CRITICAL	85 exit "$STATE_CRITICAL"

77 elif [ $DIFF -le $WARNING ] && [ $DIFF -gt $CRITICAL ]	86 elif [ "$DIFFERENCE" -le "$WARNING" ]

78 then	87 then

79 echo "WARNING - $HOST: SSL certificate will be expired in $DIFF days!"	88 echo "WARNING - $HOST: SSL certificate will be expired in $DIFFERENCE days!"

80 exit $STATE_WARNING	89 exit "$STATE_WARNING"

81 elif [ $DIFF -gt $WARNING ]	90 elif [ "$DIFFERENCE" -gt "$WARNING" ]

82 then	91 then

83 echo "OK - $HOST: SSL certificate will be expired in $DIFF days"	92 echo "OK - $HOST: SSL certificate will be expired in $DIFFERENCE days"

84 exit $STATE_OK	93 exit "$STATE_OK"

85 else	94 else

86 echo "UNKNOWN - $HOST: Could not retrieve data"	95 echo "UNKNOWN - $HOST: Could not retrieve data"

87 exit $STATE_UNKNOWN	96 exit "$STATE_UNKNOWN"

88 fi	97 fi

LEFT	RIGHT