Left: | ||
Right: |
LEFT | RIGHT |
---|---|
1 #!/bin/sh | 1 #!/bin/sh |
2 | 2 |
3 # Icinga plugin that checks how many days are left until SSL certificate expires | 3 # Icinga plugin that checks how many days are left |
4 # Usage: <PluginDir>/check_ssl_cert -H <HOSTNAME> -P <PORT> -c <CRITICAL> -w <WA RNING> | 4 # until SSL certificate expires. |
mathias
2018/06/19 13:35:29
Please use $PLUGIN_DIR and similar variables, even
| |
5 # Usage: | |
6 # $PLUGIN_DIR/check_ssl_cert.sh -H $HOST -P $PORT -c $CRITICAL -w $WARNING | |
5 | 7 |
6 get_ssl_expiry_date() { | 8 get_ssl_expiry_date() { |
7 openssl s_client -connect "$1":"$2" </dev/null 2>/dev/null | openssl x509 -noo ut -enddate 2>/dev/null | 9 openssl s_client -connect "$1:$2" </dev/null 2>/dev/null \ |
mathias
2018/06/19 13:35:29
Please use a backslash to not exceed 80 characters
| |
10 | openssl x509 -noout -enddate 2>/dev/null | |
8 } | 11 } |
9 | 12 |
10 CURRENT_DATE=`date +%y%m%d` | 13 CURRENT_DATE=`date +%y%m%d` |
11 HOST="$2" | 14 HOST="$2" |
12 PORT="$4" | 15 PORT="$4" |
13 CRITICAL="$6" | 16 CRITICAL="$6" |
14 WARNING="$8" | 17 WARNING="$8" |
15 STATE_OK=0 | 18 STATE_OK=0 |
16 STATE_WARNING=1 | 19 STATE_WARNING=1 |
17 STATE_CRITICAL=2 | 20 STATE_CRITICAL=2 |
18 STATE_UNKNOWN=3 | 21 STATE_UNKNOWN=3 |
19 OUTPUT=`get_ssl_expiry_date "$HOST" "$PORT"` | 22 OUTPUT=`get_ssl_expiry_date "$HOST" "$PORT"` |
20 | 23 |
21 if [ ! "$OUTPUT" ] | 24 if [ -z "$OUTPUT" ] |
mathias
2018/06/19 13:35:30
Use `-z` to test for empty values.
| |
22 then | 25 then |
23 echo "UNKNOWN - Could not connect to $HOST via port $PORT" | 26 echo "UNKNOWN - Could not connect to $HOST via port $PORT" |
24 exit "$STATE_UNKNOWN" | 27 exit "$STATE_UNKNOWN" |
25 fi | 28 fi |
26 | 29 |
27 DAY=`echo "$OUTPUT" | awk '{print $2}'` | 30 DAY=`echo "$OUTPUT" | awk '{printf "02d", $2}'` |
28 MONTH=`echo "$OUTPUT" | awk '{print $1}' | cut -c 10-` | 31 MONTH=`echo "$OUTPUT" | awk '{print $1}' | cut -c 10-` |
29 YEAR=`echo "$OUTPUT" | awk '{print $4}'` | 32 YEAR=`echo "$OUTPUT" | awk '{print $4}'` |
30 | 33 |
31 case "$MONTH" in | 34 case "$MONTH" in |
32 | 35 |
33 "Jan") | 36 "Jan") |
34 MONTH="01" | 37 MONTH="01" |
35 ;; | 38 ;; |
36 "Feb") | 39 "Feb") |
37 MONTH="02" | 40 MONTH="02" |
(...skipping 29 matching lines...) Expand all Loading... | |
67 MONTH="12" | 70 MONTH="12" |
68 ;; | 71 ;; |
69 "*") | 72 "*") |
70 echo "An error occured" | 73 echo "An error occured" |
71 exit 1 | 74 exit 1 |
72 ;; | 75 ;; |
73 esac | 76 esac |
74 | 77 |
75 EXPIRY_DATE_IN_SEC=`date -d "${YEAR}${MONTH}${DAY}" +%s` | 78 EXPIRY_DATE_IN_SEC=`date -d "${YEAR}${MONTH}${DAY}" +%s` |
76 CURRENT_DATE_IN_SEC=`date -d "$CURRENT_DATE" +%s` | 79 CURRENT_DATE_IN_SEC=`date -d "$CURRENT_DATE" +%s` |
77 DIFF=`expr "$EXPIRY_DATE_IN_SEC" - "$CURRENT_DATE_IN_SEC"` | 80 DIFFERENCE=`expr \( "$EXPIRY_DATE_IN_SEC" - "$CURRENT_DATE_IN_SEC" \) / 86400` |
78 DIFF=`expr "$DIFF" / 86400` | |
mathias
2018/06/19 13:35:29
As discussed: Please use brackets (`\(...\)`) to a
| |
79 | 81 |
80 if [ "$DIFF" -le "$CRITICAL" ] | 82 if [ "$DIFFERENCE" -le "$CRITICAL" ] |
81 then | 83 then |
82 echo "CRITICAL - $HOST: SSL certificate has been expired!" | 84 echo "CRITICAL - $HOST: SSL certificate has been expired!" |
83 exit "$STATE_CRITICAL" | 85 exit "$STATE_CRITICAL" |
84 elif [ "$DIFF" -le "$WARNING" ] | 86 elif [ "$DIFFERENCE" -le "$WARNING" ] |
85 then | 87 then |
86 echo "WARNING - $HOST: SSL certificate will be expired in $DIFF days!" | 88 echo "WARNING - $HOST: SSL certificate will be expired in $DIFFERENCE days!" |
87 exit "$STATE_WARNING" | 89 exit "$STATE_WARNING" |
88 elif [ "$DIFF" -gt "$WARNING" ] | 90 elif [ "$DIFFERENCE" -gt "$WARNING" ] |
89 then | 91 then |
90 echo "OK - $HOST: SSL certificate will be expired in $DIFF days" | 92 echo "OK - $HOST: SSL certificate will be expired in $DIFFERENCE days" |
91 exit "$STATE_OK" | 93 exit "$STATE_OK" |
92 else | 94 else |
93 echo "UNKNOWN - $HOST: Could not retrieve data" | 95 echo "UNKNOWN - $HOST: Could not retrieve data" |
94 exit "$STATE_UNKNOWN" | 96 exit "$STATE_UNKNOWN" |
95 fi | 97 fi |
LEFT | RIGHT |