Code:
Check SSL (forums.applenova.com) (Zabbix server:system.run[/etc/zabbix/externalscripts/checkssl.sh forums.applenova.com]): 15
So I have a script running that feeds my zabbix monitoring to let me know when the cert is going to expire since LE seems to have stopped emailing us for these dates approaching.
Code:
# cat /etc/zabbix/externalscripts/checkssl.sh
#!/bin/bash
data=`echo | openssl s_client -servername $1 -connect $1:443 2>/dev/null | openssl x509 -noout -enddate | sed -e 's#notAfter=##'`
ssldate=`date -d "${data}" '+%s'`
nowdate=`date '+%s'`
diff="$((${ssldate}-${nowdate}))"
echo $((${diff}/86400))
If you want to make this something that just emails you from your server you can instead use this one:
Code:
$ cat testemail.sh
####################
#!/bin/bash
#
# Check certs and email when renewal needed
#
data=`echo | openssl s_client -servername $1 -connect $1:443 2>/dev/null | openssl x509 -noout -enddate | sed -e 's#notAfter=##'`
ssldate=`date -j -f "%b %d %T %Y %Z" "${data}" '+%s'`
nowdate=`date '+%s'`
diff="$((${ssldate}-${nowdate}))"
daysleft=$((${diff}/86400))
#echo $daysleft
echo "$1 SSL Certificate expires in $daysleft! Take action to renew it now!" | mail -s "URGENT: $1 SSL Certificate expiring soon" brad@bradsdomain.com
Louis L'Amour, “To make democracy work, we must be a nation of participants, not simply observers.
One who does not vote has no right to complain.”
Visit our archived Minecraft world! | Maybe someday I'll proof read, until then deal with it.