[problem]
You want to automate checking expiry of SSL (HTTPS) Certificate expiry.
[/problem]
[solution]
The link to the script is displayed in examples. It connects to the given site and shows site expiry. This can then be automated into a database, using some of my PHP or Perl Scripts, which can also be used to then report on sites about to expire.
[/solution]
[example]
./openssl_cert_expiry_check www.example.com:443
Here is the code – but take note you may need the openssl client that supports proxying. Leave me a comment if you want this code.
#!/bin/bash
[ $# -ne 1 ] &echo -n "$1 - "
echo "
GET / HTTP/1.0
EOT
" | openssl s_client -connect $1 2>&1 |
sed -n '/-----BEGIN CERTIFICATE-----/,/-----END CERTIFICATE-----/p' |
openssl x509 -enddate |
awk -F= ' /notAfter/ { printf("Expires: %sn",$NF); } '
exit 0
[/example]
[reference]
[tags]openssl, SSL Certification Expiry Date Checker, Unix Coding School[/tags]
- Linux Man Pages – openssl command
- Linux Man Pages – s_client command
- Linux Man Pages – awk command
- Linux Man Pages – sed command
– Mark Foster’s cool openssl tips- – Paul Heinlein’s excellent and comprehensive openssl tips
[/reference]
If you have found my website useful, please consider buying me a coffee below 😉