Index: check_ssl_cert.sh |
diff --git a/check_ssl_cert.sh b/check_ssl_cert.sh |
new file mode 100755 |
index 0000000000000000000000000000000000000000..053357db64fd317a93e1e759aac90d4bb71af205 |
--- /dev/null |
+++ b/check_ssl_cert.sh |
@@ -0,0 +1,94 @@ |
+#!/bin/sh |
+ |
+# Icinga plugin that checks how many days are left until SSL certificate expires |
+# Usage: <PluginDir>/check_ssl_cert -H <HOSTNAME> -P <PORT> -c <CRITICAL> -w <WARNING> |
+ |
+PATH="/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin" |
+ |
+CURRENT_DATE=`date +%y%m%d` |
+HOST="$2" |
+PORT="$4" |
+CRITICAL="$6" |
+WARNING="$8" |
+STATE_OK=0 |
+STATE_WARNING=1 |
+STATE_CRITICAL=2 |
+STATE_UNKNOWN=3 |
+ |
+OUTPUT=`openssl s_client -connect "$HOST":"$PORT" </dev/null 2>/dev/null | openssl x509 -noout -enddate 2>/dev/null` |
mathias
2018/06/05 16:24:19
Please place this in a function() and invoke it to
|
+ |
+if [ ! "$OUTPUT" ] |
+then |
+ echo "UNKNOWN - Could not connect to $HOST via port $PORT" |
+ exit "$STATE_UNKNOWN" |
+fi |
+ |
+DAY=`echo "$OUTPUT" | awk '{print $2}'` |
+MONTH=`echo "$OUTPUT" | awk '{print $1}' | cut -c 10-` |
+YEAR=`echo "$OUTPUT" | awk '{print $4}'` |
+ |
+case "$MONTH" in |
+ |
+ "Jan") |
+ MONTH="01" |
+ ;; |
+ "Feb") |
+ MONTH="02" |
+ ;; |
+ "Mar") |
+ MONTH="03" |
+ ;; |
+ "Apr") |
+ MONTH="04" |
+ ;; |
+ "May") |
+ MONTH="05" |
+ ;; |
+ "Jun") |
+ MONTH="06" |
+ ;; |
+ "Jul") |
+ MONTH="07" |
+ ;; |
+ "Aug") |
+ MONTH="08" |
+ ;; |
+ "Sep") |
+ MONTH="09" |
+ ;; |
+ "Oct") |
+ MONTH="10" |
+ ;; |
+ "Nov") |
+ MONTH="11" |
+ ;; |
+ "Dec") |
+ MONTH="12" |
+ ;; |
+ "*") |
+ echo "An error occured" |
+ exit 1 |
+ ;; |
+esac |
+ |
+EXPIRY_DATE_IN_SEC=`date -d "$YEAR""$MONTH""$DAY" +%s` |
mathias
2018/06/05 16:24:19
You can use "$YEAR$MONTH$DAY" or, even better, "${
|
+CURRENT_DATE_IN_SEC=`date -d "$CURRENT_DATE" +%s` |
+DIFF=`expr "$EXPIRY_DATE_IN_SEC" - "$CURRENT_DATE_IN_SEC"` |
+DIFF=`expr "$DIFF" / 86400` |
+ |
+if [ "$DIFF" -le "$CRITICAL" ] |
+then |
+ echo "CRITICAL - $HOST: SSL certificate has been expired!" |
+ exit "$STATE_CRITICAL" |
+elif [ "$DIFF" -le "$WARNING" ] |
+then |
+ echo "WARNING - $HOST: SSL certificate will be expired in $DIFF days!" |
+ exit "$STATE_WARNING" |
+elif [ "$DIFF" -gt "$WARNING" ] |
+then |
+ echo "OK - $HOST: SSL certificate will be expired in $DIFF days" |
+ exit "$STATE_OK" |
+else |
+ echo "UNKNOWN - $HOST: Could not retrieve data" |
+ exit "$STATE_UNKNOWN" |
+fi |