SSL证书过期探测
作者:互联网
一、脚本如下:
#!/bin/bash
script_dir=$(dirname ${0})
readFile="${script_dir}/domain_list"
push_to_falcon(){
ts=`date +%s`
curl -X POST -d "[{\"metric\": \"ssl_expiration\", \"endpoint\": \"AliSZ-OP-manager\", \"timestamp\": $ts,\"step\": 60,\"value\": ${1},\"counterType\": \"GAUGE\",\"tags\": \"domain=${2}\"}]" http://127.0.0.1:1988/v1/push
}
for line in `cat ${readFile}`
do
get_domain=$(echo "${line}" | awk -F ':' '{print $1}')
get_port=$(echo "${line}" | awk -F ':' '{print $2}')
# 使用openssl获取域名的证书情况,然后获取其中的到期时间
END_TIME=`timeout 6 openssl s_client -servername ${get_domain} -connect ${get_domain}:${get_port} 2>/dev/null | openssl x509 -noout -dates | grep notAfter | awk -F "=" '{print $NF}'`
END_TIME1=$(date +%s -d "$END_TIME") # 将日期转化为时间戳
NOW_TIME=$(date +%s -d "$(date "+%Y-%m-%d %H:%M:%S")") # 将当前的日期也转化为时间戳
RST=$(($(($END_TIME1 - $NOW_TIME))/(60*60*24))) # 到期时间减去目前时间再转化为天数
echo "证书有效天数剩余:${RST}"
if [ $RST -lt 5 ];then
push_to_falcon 1 ${get_domain}
else
push_to_falcon 0 ${get_domain}
fi
done
标签:domain,END,+%,get,过期,证书,SSL,TIME,push 来源: https://www.cnblogs.com/Jupiter-blog/p/16418598.html