检查ssl证书到期时间
- 目前该脚本只是发送rsyslog日志,可以自行在修改结合zabbix或者自行发送到钉钉或者微信告警
#! /usr/bin/python
# -*- coding:utf-8 -*-
#此脚本用来获取https证书过期时间,发送网管告警
#需要先执行pip install pyopenssl
from urllib3.contrib import pyopenssl as reqs;
from datetime import datetime;
import os
#公网验证域名返回到期时间
def get_notafter(DomainName):
cert = reqs.OpenSSL.crypto.load_certificate(reqs.OpenSSL.crypto.FILETYPE_PEM, reqs.ssl.get_server_certificate((DomainName, 443)));
notafter = datetime.strptime(cert.get_notAfter().decode()[0:-1], '%Y%m%d%H%M%S');
remain_days = notafter - datetime.now();
#print(DomainName, '证书到期天数是:', remain_days.days);
return remain_days.days
#判断到期时间发送网管告警
def IfDate(DomainName,DomainNameExpired,CheckTime):
if int(DomainNameExpired) < CheckTime:
GetDomainMsg = "https://" + DomainName + " 证书还剩余到期天数是: "+ str(DomainNameExpired) +" days"
os.system("/bin/logger -p local0.crit \"ccod: result=ERROR "+ GetDomainMsg + " \"")
#主函数
def Main(DomainNameList,CheckTime):
for DomainName in DomainNameList:
try:
DomainNameExpired = get_notafter(DomainName);
except Exception as e:
ErrorMsg = "请检查 https://"+ DomainName +" 域名是否正确或者网络可达性"
print(ErrorMsg)
IfDate(DomainName,DomainNameExpired,CheckTime)
if __name__ == "__main__":
#设置要检查的域名列表
DomainNameList = ["baidu.com","jd.com"]
#设定检查域名到期告警时间
CheckTime = 40
#运行主函数
Main(DomainNameList,CheckTime)
本文由mdnice多平台发布