Commit | Line | Data |
---|---|---|
3f6c5992 MW |
1 | #! /bin/sh -e |
2 | ||
3 | conf=/etc/ca/check-x509-certs.conf | |
4 | time=$(( 7 * 86400 )) | |
5 | usage="usage: $0 [-c CONF] [-d DAYS] [-s SECS]" | |
6 | ||
7 | while getopts c:d:s: opt; do | |
8 | case "$opt" in | |
9 | c) conf=$OPTARG ;; | |
10 | d) time=$(( $OPTARG * 86400 )) ;; | |
11 | s) time=$OPTARG ;; | |
12 | *) echo >&2 "$usage"; exit 1 ;; | |
13 | esac | |
14 | done | |
15 | shift $(( $OPTIND - 1 )) | |
16 | case $# in 0) ;; *) echo >&2 "$usage"; exit 1 ;; esac | |
17 | ||
18 | if [ ! -f $conf ]; then exit 0; fi | |
19 | ||
20 | any=nil | |
21 | while read line; do | |
22 | case "$line" in "" | "#"*) continue ;; esac | |
23 | file=$line | |
24 | if openssl x509 -in "$file" -noout -checkend $time; then | |
25 | continue | |
26 | fi | |
27 | if openssl x509 -in "$file" -noout -checkend 0; then | |
28 | state="expires soon" | |
29 | else | |
30 | state="ALREADY EXPIRED!" | |
31 | fi | |
32 | case $any in nil) any=t ;; t) echo ;; esac | |
33 | echo "$file: $state" | |
34 | openssl x509 -in "$file" -noout -issuer -dates | |
35 | done <"$conf" |