check_ssl_cert.sh - Issue 29792596: #3298 - SSL monitoring script for icinga

Keyboard Shortcuts

	File
u :	up to issue
m :	publish + mail comments
M :	edit review message
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line
<Enter> :	respond to / edit current comment
d :	mark current comment as done

	Issue
u :	up to list of issues
m :	publish + mail comments
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue
# :	close issue

	Comment/message editing
<Ctrl> + s or <Ctrl> + Enter :	save comment
<Esc> :	cancel edit

Unified Diff: check_ssl_cert.sh

Issue 29792596: #3298 - SSL monitoring script for icinga (Closed)

Patch Set: #3298 - SSL monitoring script for icinga Created June 6, 2018, 10:47 a.m.

Use n/p to move between diff chunks; N/P to move between comments.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: check_ssl_cert.sh

diff --git a/check_ssl_cert.sh b/check_ssl_cert.sh

new file mode 100755

index 0000000000000000000000000000000000000000..7e296cddedf531bda4a34bda591ce2f56238225a

--- /dev/null

+++ b/check_ssl_cert.sh

@@ -0,0 +1,97 @@

+#!/bin/sh

+# Icinga plugin that checks how many days are left until SSL certificate expires

+# Usage: <PluginDir>/check_ssl_cert -H <HOSTNAME> -P <PORT> -c <CRITICAL> -w <WARNING>

+get_ssl_expiry_date() {

+ echo `openssl s_client -connect "$1":"$2" </dev/null 2>/dev/null | openssl x509 -noout -enddate 2>/dev/null`

mathias 2018/06/11 14:14:03 The surrounding `echo ...` is not necessary. The o

+PATH="/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin"

mathias 2018/06/11 14:14:02 Why do you set a custom $PATH here and not use the

+CURRENT_DATE=`date +%y%m%d`

+HOST="$2"

+PORT="$4"

+CRITICAL="$6"

+WARNING="$8"

+STATE_OK=0

+STATE_WARNING=1

+STATE_CRITICAL=2

+STATE_UNKNOWN=3

+OUTPUT=`get_ssl_expiry_date "$HOST" "$PORT"`

+if [ ! "$OUTPUT" ]

+then

+ echo "UNKNOWN - Could not connect to $HOST via port $PORT"

+ exit "$STATE_UNKNOWN"

+fi

+DAY=`echo "$OUTPUT" | awk '{print $2}'`

+MONTH=`echo "$OUTPUT" | awk '{print $1}' | cut -c 10-`

+YEAR=`echo "$OUTPUT" | awk '{print $4}'`

+case "$MONTH" in

+ "Jan")

+ MONTH="01"

+ ;;

+ "Feb")

+ MONTH="02"

+ ;;

+ "Mar")

+ MONTH="03"

+ ;;

+ "Apr")

+ MONTH="04"

+ ;;

+ "May")

+ MONTH="05"

+ ;;

+ "Jun")

+ MONTH="06"

+ ;;

+ "Jul")

+ MONTH="07"

+ ;;

+ "Aug")

+ MONTH="08"

+ ;;

+ "Sep")

+ MONTH="09"

+ ;;

+ "Oct")

+ MONTH="10"

+ ;;

+ "Nov")

+ MONTH="11"

+ ;;

+ "Dec")

+ MONTH="12"

+ ;;

+ "*")

+ echo "An error occured"

+ exit 1

+ ;;

+esac

+EXPIRY_DATE_IN_SEC=`date -d "${YEAR}${MONTH}${DAY}" +%s`

+CURRENT_DATE_IN_SEC=`date -d "$CURRENT_DATE" +%s`

+DIFF=`expr "$EXPIRY_DATE_IN_SEC" - "$CURRENT_DATE_IN_SEC"`

+DIFF=`expr "$DIFF" / 86400`

+if [ "$DIFF" -le "$CRITICAL" ]

+then

+ echo "CRITICAL - $HOST: SSL certificate has been expired!"

+ exit "$STATE_CRITICAL"

+elif [ "$DIFF" -le "$WARNING" ]

+then

+ echo "WARNING - $HOST: SSL certificate will be expired in $DIFF days!"

+ exit "$STATE_WARNING"

+elif [ "$DIFF" -gt "$WARNING" ]

+then

+ echo "OK - $HOST: SSL certificate will be expired in $DIFF days"

+ exit "$STATE_OK"

+else

+ echo "UNKNOWN - $HOST: Could not retrieve data"

+ exit "$STATE_UNKNOWN"

+fi

« no previous file with comments | « no previous file | no next file » | no next file with comments »