![[SSL] SSL 만료일 체커 (feat. Github)](https://img1.daumcdn.net/thumb/R750x0/?scode=mtistory2&fname=https%3A%2F%2Fblog.kakaocdn.net%2Fdn%2FOVi1p%2FbtsiQHoa4kc%2FrAAHQUDN6aKdU93k4x8hI0%2Fimg.png)
* 개요
- 서비스를 운영하다보면 나도 모르는 사이 SSL 인증서가 만료되어 낭패를 겪은 적 있을것이다. 간단하게 SHELL 스크립트를 통해서 스마트하게 SSL 만료 알람을 사전에 받아서 대참사를 막아보자
* 코드
- 아래 코드를 응용해서 얼마든시 다양한 Notificator를 만들 수 있을것이다.
- 핵심 커맨드
curl --insecure -v $URL 2>&1 | awk 'BEGIN { cert=0 } /^\* SSL connection/ { cert=1 } /^\*/ { if (cert) print }' | awk '/^* expire date: /{print $4,$5,$7}'
#!/bin/bash
################Files to be created before starting exicution####################
# sudo apt-get install alsa alsa-utils #
# mkdir -p $HOME/scripts #
# touch $HOME/scripts/ssl_url #
# Download alert.wav file and copy it into $HOME/scripts directory #
#################################################################################
while true
do
year=$(date | awk '{print $6}')
month=$(date | awk '{print $2}')
day=$(date | awk '{print $3}')
touch /tmp/ssl_expire
FILE="$HOME/scripts/ssl_url"
while read -r URL; do
expire_date=$(curl --insecure -v $URL 2>&1 | awk 'BEGIN { cert=0 } /^\* SSL connection/ { cert=1 } /^\*/ { if (cert) print }' | awk '/^* expire date: /{print $4,$5,$7}')
echo $expire_date > /tmp/ssl_expire
ssl_year=$(cat /tmp/ssl_expire | awk '{print $3}')
ssl_month=$(cat /tmp/ssl_expire | awk '{print $1}')
ssl_day=$(cat /tmp/ssl_expire | awk '{print $2}')
echo "-------------------------------------------------------------------------------------------------------------------------------------"
echo "| Today's Date: $day-$month-$year |Certificate Expire Date: $ssl_day-$ssl_month-$ssl_year | Web Site URL: $URL"
if [ $ssl_year -eq $year ]
then
if [ "$ssl_month" == "$month" ]
then
remind_days=3
ex_days=1
before_expire=$(($day - $remind_days))
before_one=$(($day + $ex_days))
if [ $ssl_day -gt $before_expire -o $ssl_day -lt $before_one ]
then
echo "Dear Admin Team \n The $URL's SSL(HTTPS) certificate will expire on $ssl_day-$ssl_month-$ssl_year " | mail -s "SLL cerficate expired for $URL" -a "From: from_mail_id@gmail.com" your_admin_1@gmail.com,your_admin_2@gmail.com >> /dev/null
fi
fi
fi
done < "$FILE"
sleep 10800
done
#######################################################################################################################################################
#The content of $HOME/scripts/URL_File is as below
#Please remove "#" and Headline titles. Each parameter will be read by the difrence of spaces.
#URL_of_the_web_site_with_https_protocol
#https://google.com
* 참고자료
'LINUX' 카테고리의 다른 글
| [보안] CentOS7의 OS 보안조치 (0) | 2023.01.09 |
|---|---|
| [REDHAT] 리눅스(RHEL8) NFS 구축 및 마운트 (0) | 2022.12.27 |
| [LINUX] CPU, 메모리 모니터링 Logger 스크립트 (0) | 2022.11.28 |