Adding the SSL expiry monitor
This commit is contained in:
parent
9846fb820f
commit
4dd44366e1
2 changed files with 24 additions and 0 deletions
17
sslexpiry.py
Executable file
17
sslexpiry.py
Executable file
|
@ -0,0 +1,17 @@
|
||||||
|
#!/usr/bin/python3
|
||||||
|
|
||||||
|
import ast, datetime, setuptools, ssltools, twitools
|
||||||
|
|
||||||
|
if __name__ == "__main__":
|
||||||
|
hosts = ast.literal_eval(setuptools.getSetting("SSL", "hosts"))
|
||||||
|
pbefore = int(setuptools.getSetting("SSL", "pbefore"))
|
||||||
|
pafter = int(setuptools.getSetting("SSL", "pafter"))
|
||||||
|
|
||||||
|
for h in hosts:
|
||||||
|
expiry = ssltools.getRemoteExpiry(h[0], h[1])
|
||||||
|
diff = expiry - datetime.datetime.now()
|
||||||
|
if diff < datetime.timedelta(days=pbefore):
|
||||||
|
if expiry > datetime.datetime.now():
|
||||||
|
print("@%s %s certificate expiring soon (%s). Please renew." % (h[2], h[0], expiry))
|
||||||
|
elif expiry + datetime.timedelta(days=pafter) < datetime.datetime.now():
|
||||||
|
print("@%s %s certificate has expired! (%s) Please renew ASAP!" % (h[2], h[0], expiry))
|
7
ssltools/__init__.py
Normal file
7
ssltools/__init__.py
Normal file
|
@ -0,0 +1,7 @@
|
||||||
|
import datetime, OpenSSL, ssl
|
||||||
|
|
||||||
|
def getRemoteCert(host, port):
|
||||||
|
return ssl.get_server_certificate((host, port))
|
||||||
|
|
||||||
|
def getRemoteExpiry(host,port):
|
||||||
|
return datetime.datetime.strptime(str(OpenSSL.crypto.load_certificate(OpenSSL.crypto.FILETYPE_PEM, getRemoteCert(host, port)).get_notAfter().decode("UTF-8")), "%Y%m%d%H%M%SZ")
|
Loading…
Reference in a new issue