Ubuntu/Scripts/SSL Expire

Scripts | SSL Expire | PulseAudio

Overview

Simple bash script to check the SSL start and end dates for web,smtp, or imap servers.

Variables

https_port= whatever https port you are using for SSL/TLS
smtp_port= whatever smtp port you are using for SSL/TLS
imap_port= whatever imap port you are using for SSL/TLS

webservers= list of web servers, separated by either a space of line break
smtpservers= list of web servers, separated by either a space of line break
imapservers= list of web servers, separated by either a space of line break

Script

#!/bin/bash

https_port=('443')
smtp_port=('25')
imap_port=('993')

declare -a webservers=(
web.server.com
)

declare -a smtpservers=(
smtp.server.com
)

declare -a imapservers=(
imap.server.com
)

function websrv {
        for i in "${webservers[@]}"
        do
                web="$(openssl s_client -showcerts -connect $i:$https_port < /dev/null 2>/dev/null | openssl x509 -text)"
                echo "$web" | grep "CN\=[A-Za-z]*\.[A-Za-z]*\.[A-Za-z]*" | sed 's/.*CN=//'
                echo "$web" | grep "Validity" -A 2 | sed '/Validity/d' | sed 's/^[ \t]*//'
        done
}

function smtpsrv {
        for i in "${smtpservers[@]}"
        do
                smtp="$(openssl s_client -showcerts -starttls smtp -connect $i:$smtp_port < /dev/null 2>/dev/null | openssl x509 -text)"
                echo "$smtp" | grep "CN\=[A-Za-z]*\.[A-Za-z]*\.[A-Za-z]*" | sed 's/.*CN=//'
                echo "$smtp" | grep "Validity" -A 2 | sed '/Validity/d' | sed 's/^[ \t]*//'
        done
}

function imapsrv {
        for i in "${imapservers[@]}"
        do
                imap="$(openssl s_client -showcerts -connect $i:$imap_port < /dev/null 2>/dev/null | openssl x509 -text)"
                echo "$imap" | grep "CN\=[A-Za-z]*\.[A-Za-z]*\.[A-Za-z]*" | sed 's/.*CN=//'
                echo "$imap" | grep "Validity" -A 2 | sed '/Validity/d' | sed 's/^[ \t]*//'
        done
}

printf 'Web Severs\n'
websrv
printf '\n'
printf 'SMTP Servers\n'
smtpsrv
printf '\n'
printf 'IMAP Servers\n'
imapsrv

Output

~$ ./certs_query.sh
Web Severs
web.server.com
Not Before: Jun 18 16:10:13 2015 GMT
Not After : Aug  5 09:08:32 2017 GMT

SMTP Servers
smtp.server.com
Not Before: Apr 27 01:43:24 2013 GMT
Not After : Apr 25 01:43:24 2023 GMT

IMAP Servers
imap.server.com
Not Before: Jun  2 13:56:07 2016 GMT
Not After : Jun  2 14:26:06 2018 GMT