Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I m using the script from this site http://www.cyberciti.biz/tips/domain-check-script.html to monitor domain expiry. Have modified it to monitor other domain sites.. But sites with three names, I am unable to get an o/p. Sites like email.domain.com is not working..
I m getting unknown as o/p
Domain Registrar Status Expires Days Left
----------------------------------- ---------------------------------------- -------------------- ----------- ---------
email.xxxx.com Unknown Unknown Unknown Unknown
Let me know how to modify the script to monitor email.xxxxx.com
I have many subdomain sites..... Certificate expiry of subdomain ( abc.werty.com ) is different than domain ( werty.com ) as certificates were procured at different dates.
o/p of script is uknown where ever there is subdomain.
Yes I am asking about SSL certificate expiry for abc.werty.com. ssl expiry script is working only for sites which has one name like google.com, yahoo.com.. If site name is like abc.werty.com, it gives dates left as -2456793. We have many sites like abc.werty.com, for which we need to monitor ssl expiry ..
I tried urs for google.com domain. I get the below output
SSL Cert Expires: Aug 5 00:00:00 2014 GMT
I used the below script.. This works for sites like gmail.com, yahoo.com, google.com....
####sh test.sh -d google.com
Domain Registrar Status Expires Days Left
----------------------------------- ----------------- -------- ----------- ---------
MARKMONITOR INC.
google.com MARKMONITOR INC. Valid 14-sep-2020 2310
But it does not work for domains like abc.werty.com.... for example below one
sh test.sh -d email.google.com
Domain Registrar Status Expires Days Left
----------------------------------- ----------------- -------- ----------- ---------
# Who to page when an expired domain is detected (cmdline: -e)
ADMIN="sysadmin@mydomain.com"
# Number of days in the warning threshhold (cmdline: -x)
WARNDAYS=30
# If QUIET is set to TRUE, don't print anything on the console (cmdline: -q)
QUIET="FALSE"
# Don't send emails by default (cmdline: -a)
ALARM="FALSE"
# Whois server to use (cmdline: -s)
WHOIS_SERVER="whois.internic.org"
# Location of system binaries
AWK="/bin/awk"
WHOIS="/usr/bin/whois"
DATE="/bin/date"
# Place to stash temporary files
WHOIS_TMP="/var/tmp/whois.$$"
#############################################################################
# Purpose: Convert a date from MONTH-DAY-YEAR to Julian format
# Acknowledgements: Code was adapted from examples in the book
# "Shell Scripting Recipes: A Problem-Solution Approach"
# ( ISBN 1590594711 )
# Arguments:
# $1 -> Month (e.g., 06)
# $2 -> Day (e.g., 08)
# $3 -> Year (e.g., 2006)
#############################################################################
date2julian()
{
if [ "${1} != "" ] && [ "${2} != "" ] && [ "${3}" != "" ]
then
## Since leap years add aday at the end of February,
## calculations are done from 1 March 0000 (a fictional year)
d2j_tmpmonth=$((12 * ${3} + ${1} - 3))
## If it is not yet March, the year is changed to the previous year
d2j_tmpyear=$(( ${d2j_tmpmonth} / 12))
## The number of days from 1 March 0000 is calculated
## and the number of days from 1 Jan. 4713BC is added
echo $(( (734 * ${d2j_tmpmonth} + 15) / 24 - 2 * ${d2j_tmpyear} + ${d2j_tmpyear}/4
- ${d2j_tmpyear}/100 + ${d2j_tmpyear}/400 + $2 + 1721119 ))
else
echo 0
fi
}
#############################################################################
# Purpose: Convert a string month into an integer representation
# Arguments:
# $1 -> Month name (e.g., Sep)
#############################################################################
getmonth()
{
LOWER=`tolower $1`
#############################################################################
# Purpose: Calculate the number of seconds between two dates
# Arguments:
# $1 -> Date #1
# $2 -> Date #2
date_diff()
{
if [ "${1}" != "" ] && [ "${2}" != "" ]
then
echo $(expr ${2} - ${1})
else
echo 0
fi
}
##################################################################
# Purpose: Converts a string to lower case
# Arguments:
# $1 -> String to convert to lower case
##################################################################
tolower()
{
LOWER=`echo ${1} | tr [A-Z] [a-z]`
echo $LOWER
}
##################################################################
# Purpose: Access whois data to grab the registrar and expiration date
# Arguments:
# $1 -> Domain to check
##################################################################
check_domain_status()
{
# Save the domain since set will trip up the ordering
DOMAIN=${1}
# Invoke whois to find the domain registrar and expiration date
${WHOIS} -h ${WHOIS_SERVER} "=${1}" > ${WHOIS_TMP}
# Parse out the expiration date and registrar -- uses the last registrar it finds
REGISTRAR=`cat ${WHOIS_TMP} | ${AWK} -F: '/Registrar/ && $2 != "" { REGISTRAR=substr($2,2,17) } END { print REGISTRAR }'`
echo $REGISTRAR
# If the Registrar is NULL, then we didn't get any data
if [ "${REGISTRAR}" = "" ]
then
prints "$DOMAIN" "Unknown" "Unknown" "Unknown" "Unknown"
return
fi
# The whois Expiration data should resemble teh following: "Expiration Date: 09-may-2008"
DOMAINDATE=`cat ${WHOIS_TMP} | ${AWK} '/Expiration/ { print $NF }'`
# Whois data should be in the following format: "13-feb-2006"
IFS="-"
set -- ${DOMAINDATE}
MONTH=$(getmonth ${2})
IFS=""
# Convert the date to seconds, and get the diff between NOW and the expiration date
DOMAINJULIAN=$(date2julian ${MONTH} ${1#0} ${3})
DOMAINDIFF=$(date_diff ${NOWJULIAN} ${DOMAINJULIAN})
if [ ${DOMAINDIFF} -lt 0 ]
then
if [ "${ALARM}" = "TRUE" ]
then
echo "The domain ${DOMAIN} has expired!" \
| ${MAIL} -s "Domain ${DOMAIN} has expired!" ${ADMIN}
fi
prints ${DOMAIN} "Expired" "${DOMAINDATE}" "${DOMAINDIFF}" ${REGISTRAR}
elif [ ${DOMAINDIFF} -lt ${WARNDAYS} ]
then
if [ "${ALARM}" = "TRUE" ]
then
echo "The domain ${DOMAIN} will expire on ${DOMAINDATE}" \
| ${MAIL} -s "Domain ${DOMAIN} will expire in ${WARNDAYS}-days or less" ${ADMIN}
fi
prints ${DOMAIN} "Expiring" "${DOMAINDATE}" "${DOMAINDIFF}" "${REGISTRAR}"
else
prints ${DOMAIN} "Valid" "${DOMAINDATE}" "${DOMAINDIFF}" "${REGISTRAR}"
fi
}
####################################################
# Purpose: Print a heading with the relevant columns
# Arguments:
# None
####################################################
print_heading()
{
if [ "${QUIET}" != "TRUE" ]
then
printf "\n%-35s %-17s %-8s %-11s %-5s\n" "Domain" "Registrar" "Status" "Expires" "Days Left"
echo "----------------------------------- ----------------- -------- ----------- ---------"
fi
}
#####################################################################
# Purpose: Print a line with the expiraton interval
# Arguments:
# $1 -> Domain
# $2 -> Status of domain (e.g., expired or valid)
# $3 -> Date when domain will expire
# $4 -> Days left until the domain will expire
# $5 -> Domain registrar
#####################################################################
prints()
{
if [ "${QUIET}" != "TRUE" ]
then
MIN_DATE=$(echo $3 | ${AWK} '{ print $1, $2, $4 }')
printf "%-35s %-17s %-8s %-11s %-5s\n" "$1" "$5" "$2" "$MIN_DATE" "$4"
fi
}
##########################################
# Purpose: Describe how the script works
# Arguments:
# None
##########################################
usage()
{
echo "Usage: $0 [ -e email ] [ -x expir_days ] [ -q ] [ -a ] [ -h ]"
echo " {[ -d domain_namee ]} || { -f domainfile}"
echo ""
echo " -a : Send a warning message through email "
echo " -d domain : Domain to analyze (interactive mode)"
echo " -e email address : Email address to send expiration notices"
echo " -f domain file : File with a list of domains"
echo " -h : Print this screen"
echo " -s whois server : Whois sever to query for information"
echo " -q : Don't print anything on the console"
echo " -x days : Domain expiration interval (eg. if domain_date < days)"
echo ""
}
### Evaluate the options passed on the command line
while getopts ae:f:hd:s:qx: option
do
case "${option}"
in
a) ALARM="TRUE";;
e) ADMIN=${OPTARG};;
d) DOMAIN=${OPTARG};;
f) SERVERFILE=$OPTARG;;
s) WHOIS_SERVER=$OPTARG;;
q) QUIET="TRUE";;
x) WARNDAYS=$OPTARG;;
\?) usage
exit 1;;
esac
done
### Check to see if the whois binary exists
if [ ! -f ${WHOIS} ]
then
echo "ERROR: The whois binary does not exist in ${WHOIS} ."
echo " FIX: Please modify the \$WHOIS variable in the program header."
exit 1
fi
### Check to make sure a date utility is available
if [ ! -f ${DATE} ]
then
echo "ERROR: The date binary does not exist in ${DATE} ."
echo " FIX: Please modify the \$DATE variable in the program header."
exit 1
fi
### Baseline the dates so we have something to compare to
MONTH=$(${DATE} "+%m")
DAY=$(${DATE} "+%d")
YEAR=$(${DATE} "+%Y")
NOWJULIAN=$(date2julian ${MONTH#0} ${DAY#0} ${YEAR})
### Touch the files prior to using them
touch ${WHOIS_TMP}
### If a HOST and PORT were passed on the cmdline, use those values
if [ "${DOMAIN}" != "" ]
then
print_heading
check_domain_status "${DOMAIN}"
### If a file and a "-a" are passed on the command line, check all
### of the domains in the file to see if they are about to expire
elif [ -f "${SERVERFILE}" ]
then
print_heading
while read DOMAIN
do
check_domain_status "${DOMAIN}"
done < ${SERVERFILE}
### There was an error, so print a detailed usage message and exit
else
usage
exit 1
fi
#!/bin/bash
rm /tmp/check.txt
MAILTO="me@gmail.com"
for i in abc.site.com def.site.com
do
openssl s_client -connect $i:443 2> /dev/null| openssl x509 -enddate -noout|sed 's/notAfter\=//' >> /tmp/check.txt
d0=`cat /tmp/check.txt`
while IFS=: read line
do
d1=$(($(($(date --date="$d0" "+%s") - $(date "+%s"))) / 86400))
done < $d0
if [ "$d1" -lt "90" ]; then
echo "Warning: SSL Certificate for $i expires on $d0 has $d1 days until expiry." | /usr/bin/mutt -F /root/.rmuttrc -e 'set content_type="text/html"' $MAILTO -s "SSL Expiry Status"
else
echo "Certificate for $i is valid till $d0"
fi
done
usr/local/sysadm/sslcheck.sh: line 4: Sep 9 12:00:00 2014 GMT: No such file or directory
/usr/local/sysadm/sslcheck.sh: line 12: [: : integer expression expected
Certificate for abc.site.com is valid till Sep 9 12:00:00 2014 GMT
/usr/local/sysadm/sslcheck.sh: line 4: Sep 9 12:00:00 2014 GMT
Apr 8 15:53:21 2023 GMT: No such file or directory
/usr/local/sysadm/sslcheck.sh: line 12: [: : integer expression expected
Certificate for def.site.com is valid till Sep 9 12:00:00 2014 GMT
Apr 8 15:53:21 2023 GMT
#!/bin/bash
rm /tmp/check.txt
MAILTO="me@gmail.com"
for i in abc.site.com def.site.com
do
openssl s_client -connect $i:443 2> /dev/null| openssl x509 -enddate -noout|sed 's/notAfter\=//' > /tmp/check.txt
d0=`cat /tmp/check.txt`
while IFS=: read line
do
d1=$(($(($(date --date="$d0" "+%s") - $(date "+%s"))) / 86400))
done < $d0
if [ "$d1" -lt "90" ]; then
echo "Warning: SSL Certificate for $i expires on $d0 has $d1 days until expiry." | /usr/bin/mutt -F /root/.rmuttrc -e 'set content_type="text/html"' $MAILTO -s "SSL Expiry Status"
else
echo "Certificate for $i is valid till $d0"
fi
done
OUPUT
/usr/local/sysadm/sslcheck.sh: line 4: Sep 9 12:00:00 2014 GMT: No such file or directory
/usr/local/sysadm/sslcheck.sh: line 12: [: : integer expression expected
Certificate for abc.site.com is valid till Sep 9 12:00:00 2014 GMT
/usr/local/sysadm/sslcheck.sh: line 4: Apr 8 15:53:21 2023 GMT: No such file or directory
/usr/local/sysadm/sslcheck.sh: line 12: [: : integer expression expected
Certificate for def.site.com is valid till Apr 8 15:53:21 2023 GMT
for i in `cat /usr/local/sysadm/domains.txt`
do
openssl s_client -connect $i:443 2> /dev/null| openssl x509 -enddate -noout|sed 's/notAfter\=//' > /tmp/check.txt
d0="/tmp/check.txt"
while IFS=" :" read -r line
do
d1=$(($(($(date --date="$line" "+%s") - $(date "+%s"))) / 86400))
done < "$d0"
if [ "$d1" -lt "90" ]; then
echo "Warning: SSL Certificate for $i expires on $d0 has $d1 days until expiry." | /usr/bin/mutt -F /root/.rmuttrc -e 'set content_type="text/html"' $MAILTO -s "SSL Expiry Status"
else
echo "Certificate for $i is valid till $line. Days present $d1"
fi
done
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.