root / plugins / ssl / ssl_ @ 33cf24ad
Historique | Voir | Annoter | Télécharger (1,37 ko)
| 1 | e2eef65c | Simon Tennant | #!/bin/bash |
|---|---|---|---|
| 2 | # -*- sh -*- |
||
| 3 | |||
| 4 | : << =cut |
||
| 5 | |||
| 6 | =head1 NAME |
||
| 7 | |||
| 8 | ssl_ - Plugin to monitor certificate expiration |
||
| 9 | |||
| 10 | =head1 CONFIGURATION |
||
| 11 | |||
| 12 | This plugin does not normally require configuration. |
||
| 13 | |||
| 14 | To set warning and critical levels do like this: |
||
| 15 | |||
| 16 | [ssl_*] |
||
| 17 | env.warning 30: |
||
| 18 | |||
| 19 | =head1 AUTHOR |
||
| 20 | |||
| 21 | Pactrick Domack |
||
| 22 | |||
| 23 | Copyright (C) 2013 Patrick Domack <patrickdk@patrickdk.com> |
||
| 24 | |||
| 25 | =head1 LICENSE |
||
| 26 | |||
| 27 | =cut |
||
| 28 | |||
| 29 | . $MUNIN_LIBDIR/plugins/plugin.sh |
||
| 30 | |||
| 31 | SITE=${0##*ssl_}
|
||
| 32 | |||
| 33 | case $1 in |
||
| 34 | config) |
||
| 35 | |||
| 36 | echo "graph_title $SITE SSL Certificate Expire" |
||
| 37 | echo 'graph_args --base 1000' |
||
| 38 | echo 'graph_vlabel days left' |
||
| 39 | echo 'graph_category ssl' |
||
| 40 | echo "graph_info This graph shows the days left for the certificate being served by $SITE" |
||
| 41 | echo 'expire.label days' |
||
| 42 | print_warning expire |
||
| 43 | print_critical expire |
||
| 44 | |||
| 45 | exit 0 |
||
| 46 | ;; |
||
| 47 | esac |
||
| 48 | |||
| 49 | cert=$(echo "" | openssl s_client -CApath /etc/ssl/certs -connect "${SITE}:443" 2>/dev/null);
|
||
| 50 | |||
| 51 | if [[ "${cert}" = *"-----BEGIN CERTIFICATE-----"* ]]; then
|
||
| 52 | echo "${cert}" | openssl x509 -noout -enddate | awk -F= 'BEGIN { split("Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec", month, " "); for (i=1; i<=12; i++) mdigit[month[i]] = i; } /notAfter/ { split($0,a,"="); split(a[2],b," "); split(b[3],time,":"); datetime=b[4] " " mdigit[b[1]] " " b[2] " " time[1] " " time[2] " " time[3]; days=(mktime(datetime)-systime())/86400; print "expire.value " days; }'
|
||
| 53 | fi |