Upload du script

etc/zabbix/scripts/ssl_certificate_check.sh

@@ -0,0 +1,70 @@
+#! /bin/sh
+#------------------------------------------------------------
+# check days left before expiration and the issuer of the certificate
+# based on script from aperto.fr
+# Edited by benoit@virtit.fr
+#------------------------------------------------------------
+
+DEBUG=0
+if [ $DEBUG -gt 0 ]
+then
+    exec 2>>/tmp/my.log
+    set -x
+fi
+
+f=$1
+host=$2
+port=$3
+sni=$4
+proto=$5
+
+if [ -z "$sni" ]
+then
+    servername=$host
+else
+    servername=$sni
+fi
+
+if [ -z "$port" ]
+then
+	port="443"
+fi
+
+if [ -n "$proto" ]
+then
+    starttls="-starttls $proto"
+fi
+
+case $f in
+-d)
+end_date=`openssl s_client -servername $servername -host $host -port $port -showcerts $starttls -prexit </dev/null 2>/dev/null |
+          sed -n '/BEGIN CERTIFICATE/,/END CERT/p' |
+          openssl x509 -text 2>/dev/null |
+          sed -n 's/ *Not After : *//p'`
+
+if [ -n "$end_date" ]
+then
+    end_date_seconds=`date '+%s' --date "$end_date"`
+    now_seconds=`date '+%s'`
+    echo "($end_date_seconds-$now_seconds)/24/3600" | bc
+fi
+;;
+
+-i)
+issue_dn=`openssl s_client -servername $servername -host $host -port $port -showcerts $starttls -prexit </dev/null 2>/dev/null |
+          sed -n '/BEGIN CERTIFICATE/,/END CERT/p' |
+          openssl x509 -text 2>/dev/null |
+         sed -n 's/ *Issuer: *//p'`
+
+if [ -n "$issue_dn" ]
+then
+    issuer=`echo $issue_dn | sed -n 's/.*CN =*//p'`
+    echo $issuer
+fi
+;;
+*)
+echo "usage: $0 [-i|-d] hostname port sni"
+echo "    -i Show Issuer"
+echo "    -d Show valid days remaining"
+;;
+esac