Rietveld Code Review Tool
Help | Bug tracker | Discussion group | Source code

Unified Diff: check_ssl_cert.sh

Issue 29792596: #3298 - SSL monitoring script for icinga (Closed)
Patch Set: #3298 - SSL monitoring script for icinga Created June 5, 2018, 4:10 p.m.
Use n/p to move between diff chunks; N/P to move between comments.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « no previous file | no next file » | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: check_ssl_cert.sh
diff --git a/check_ssl_cert.sh b/check_ssl_cert.sh
new file mode 100755
index 0000000000000000000000000000000000000000..053357db64fd317a93e1e759aac90d4bb71af205
--- /dev/null
+++ b/check_ssl_cert.sh
@@ -0,0 +1,94 @@
+#!/bin/sh
+
+# Icinga plugin that checks how many days are left until SSL certificate expires
+# Usage: <PluginDir>/check_ssl_cert -H <HOSTNAME> -P <PORT> -c <CRITICAL> -w <WARNING>
+
+PATH="/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin"
+
+CURRENT_DATE=`date +%y%m%d`
+HOST="$2"
+PORT="$4"
+CRITICAL="$6"
+WARNING="$8"
+STATE_OK=0
+STATE_WARNING=1
+STATE_CRITICAL=2
+STATE_UNKNOWN=3
+
+OUTPUT=`openssl s_client -connect "$HOST":"$PORT" </dev/null 2>/dev/null | openssl x509 -noout -enddate 2>/dev/null`
mathias 2018/06/05 16:24:19 Please place this in a function() and invoke it to
+
+if [ ! "$OUTPUT" ]
+then
+ echo "UNKNOWN - Could not connect to $HOST via port $PORT"
+ exit "$STATE_UNKNOWN"
+fi
+
+DAY=`echo "$OUTPUT" | awk '{print $2}'`
+MONTH=`echo "$OUTPUT" | awk '{print $1}' | cut -c 10-`
+YEAR=`echo "$OUTPUT" | awk '{print $4}'`
+
+case "$MONTH" in
+
+ "Jan")
+ MONTH="01"
+ ;;
+ "Feb")
+ MONTH="02"
+ ;;
+ "Mar")
+ MONTH="03"
+ ;;
+ "Apr")
+ MONTH="04"
+ ;;
+ "May")
+ MONTH="05"
+ ;;
+ "Jun")
+ MONTH="06"
+ ;;
+ "Jul")
+ MONTH="07"
+ ;;
+ "Aug")
+ MONTH="08"
+ ;;
+ "Sep")
+ MONTH="09"
+ ;;
+ "Oct")
+ MONTH="10"
+ ;;
+ "Nov")
+ MONTH="11"
+ ;;
+ "Dec")
+ MONTH="12"
+ ;;
+ "*")
+ echo "An error occured"
+ exit 1
+ ;;
+esac
+
+EXPIRY_DATE_IN_SEC=`date -d "$YEAR""$MONTH""$DAY" +%s`
mathias 2018/06/05 16:24:19 You can use "$YEAR$MONTH$DAY" or, even better, "${
+CURRENT_DATE_IN_SEC=`date -d "$CURRENT_DATE" +%s`
+DIFF=`expr "$EXPIRY_DATE_IN_SEC" - "$CURRENT_DATE_IN_SEC"`
+DIFF=`expr "$DIFF" / 86400`
+
+if [ "$DIFF" -le "$CRITICAL" ]
+then
+ echo "CRITICAL - $HOST: SSL certificate has been expired!"
+ exit "$STATE_CRITICAL"
+elif [ "$DIFF" -le "$WARNING" ]
+then
+ echo "WARNING - $HOST: SSL certificate will be expired in $DIFF days!"
+ exit "$STATE_WARNING"
+elif [ "$DIFF" -gt "$WARNING" ]
+then
+ echo "OK - $HOST: SSL certificate will be expired in $DIFF days"
+ exit "$STATE_OK"
+else
+ echo "UNKNOWN - $HOST: Could not retrieve data"
+ exit "$STATE_UNKNOWN"
+fi
« no previous file with comments | « no previous file | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld