Checking validity of Let's Encrypt certificates in ISPConfig

Discussion in 'Tips/Tricks/Mods' started by Bocki, Jan 7, 2018.

  1. Bocki

    Bocki Member HowtoForge Supporter

    Hi everybody,
    because I currently have some problems with the automatic renewal of Let's Encrypt certificates, I've built this script to check the used certificates for validity. I hope it helps somebody else, too!
    Regards!

    Code:
    #!/bin/bash
    
    # checksslcerts.sh
    #
    # check whether Let's Encrypt certificates in ISPConfig will expire soon
    
    # v1.0/2018-01-06
    
    DAYS=30 # warning expiration time
    SECONDS=$(("${DAYS}"*86400))
    
    cd /var/www || exit 1 # stop if the web root is missing instead of scanning the current directory
    for file in *; do
        if [[ -L "${file}" && "${file}" != "ispconfig" && -d "${file}"/ssl ]]; then
            cd "${file}"/ssl
            if [[ -e "${file}"-le.crt ]]; then
                if ! openssl x509 -checkend 0 -noout -in "${file}"-le.crt >/dev/null; then
                    echo "${file} - ERROR: certificate has already expired on $(openssl x509 -enddate -noout -in "${file}"-le.crt | cut -d = -f 2)."
                elif openssl x509 -checkend "${SECONDS}" -noout -in "${file}"-le.crt >/dev/null; then
                    echo "${file} - Certificate is valid until $(openssl x509 -enddate -noout -in "${file}"-le.crt | cut -d = -f 2)."
                else
                    echo "${file} - WARNING: certificate will expire on $(openssl x509 -enddate -noout -in "${file}"-le.crt | cut -d = -f 2) (under ${DAYS} days)."
                fi
            else
                echo "${file} - WARNING: certificate does not exist."
            fi
            cd ../..
        fi
    done
     
    till and ahrasis like this.
  2. craigfanman

    craigfanman Member

    Hi, thanks for this script, it is useful! Just FYI, it didn't run properly for me. I got:

    sh checksslcerts.sh
    checksslcerts.sh: line 10: "30"*86400: syntax error: operand expected (error token is ""30"*86400")

    Fixed this just by doing

    #SECONDS=$(("${DAYS}"*86400))
    SECONDS=2592000


    and it ran fine.
    Thanks!
     
  3. Bocki

    Bocki Member HowtoForge Supporter

    Thanks for your reply and great that you like it!
    The problem might arise with using a shell different than bash? On my Debian sh links to bash. Just a quick thought.
     
  4. sghazagh

    sghazagh Member

    That was handy, thank you...
     

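Added example (not part of the thread and not Bocki's script): a POSIX sh variant of the check discussed above, so it does not depend on which shell sh points to. It avoids the variable name SECONDS, reports an unreadable certificate file separately from an expired one, and returns a non-zero status for cron or monitoring; the names cert_status and scan_ispconfig and the status words are assumptions of this example, while the /var/www layout and the -le.crt naming come from the script in the first post.

```sh
#!/bin/sh
# Added example, not the script from the thread. Written for POSIX sh.

# cert_status FILE DAYS -> prints missing | unreadable | expired | expiring | valid
cert_status() {
    cs_crt=$1
    # Plain unquoted arithmetic; the name SECONDS is avoided because bash
    # treats it as a running timer that keeps counting after assignment.
    cs_warn=$(( $2 * 86400 ))
    if [ ! -e "$cs_crt" ]; then
        echo missing
    elif ! openssl x509 -noout -in "$cs_crt" >/dev/null 2>&1; then
        echo unreadable   # empty or truncated file, which is not the same as expired
    elif ! openssl x509 -checkend 0 -noout -in "$cs_crt" >/dev/null 2>&1; then
        echo expired
    elif openssl x509 -checkend "$cs_warn" -noout -in "$cs_crt" >/dev/null 2>&1; then
        echo valid
    else
        echo expiring
    fi
}

# scan_ispconfig [ROOT] [DAYS]: one line per site, returns 1 if any site needs attention
scan_ispconfig() {
    si_root=${1:-/var/www}
    si_days=${2:-30}
    si_rc=0
    for si_link in "$si_root"/*; do
        si_site=${si_link##*/}
        # Same selection as the thread's script: symlinked sites with an ssl/ directory.
        [ -L "$si_link" ] && [ "$si_site" != ispconfig ] && [ -d "$si_link/ssl" ] || continue
        si_crt=$si_link/ssl/${si_site}-le.crt
        si_status=$(cert_status "$si_crt" "$si_days")
        case $si_status in
            valid|expired|expiring)
                si_end=$(openssl x509 -enddate -noout -in "$si_crt" | cut -d = -f 2)
                echo "$si_site - $si_status (notAfter: $si_end)" ;;
            *)  echo "$si_site - $si_status: $si_crt" ;;
        esac
        [ "$si_status" = valid ] || si_rc=1
    done
    return "$si_rc"
}

# Scan only when arguments are given, e.g.: sh certscan.sh /var/www 30
if [ "$#" -gt 0 ]; then
    scan_ispconfig "$@"
fi
```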