73 lines
1.4 KiB
Go
73 lines
1.4 KiB
Go
package main
|
|
|
|
import (
|
|
"crypto/x509"
|
|
"encoding/pem"
|
|
"flag"
|
|
"os"
|
|
"time"
|
|
|
|
log "github.com/sirupsen/logrus"
|
|
)
|
|
|
|
func main() {
|
|
var retCode int = 0
|
|
fDays := flag.Int("d", 20, "number of days to alert on")
|
|
fDebug := flag.Bool("D", false, "debug mode")
|
|
|
|
flag.Parse()
|
|
|
|
if *fDebug {
|
|
log.SetLevel(log.DebugLevel)
|
|
}
|
|
|
|
for _, file := range flag.Args() {
|
|
var certs []*x509.Certificate
|
|
|
|
buf, err := os.ReadFile(file)
|
|
if err != nil {
|
|
log.Errorf("%q could not be read: %s", file, err)
|
|
continue
|
|
}
|
|
|
|
more := true
|
|
for more {
|
|
block, rest := pem.Decode(buf)
|
|
log.Debugf("%q : %s", file, block.Type)
|
|
|
|
cert, err := x509.ParseCertificate(block.Bytes)
|
|
if err != nil {
|
|
log.Errorf("%q cert could not be parsed: %s", file, err)
|
|
continue
|
|
}
|
|
certs = append(certs, cert)
|
|
|
|
if len(rest) == 0 {
|
|
more = false
|
|
}
|
|
// reset the buffer if there is more
|
|
buf = rest
|
|
}
|
|
|
|
for _, cert := range certs {
|
|
if len(cert.DNSNames) == 0 {
|
|
continue
|
|
}
|
|
|
|
hours := time.Duration(*fDays * -24)
|
|
alertTime := cert.NotAfter.Add(hours * time.Hour)
|
|
today := time.Now()
|
|
if today.After(alertTime) {
|
|
log.Warnf("%q : TIME TO RENEW CERTIFICATE (expires in less than %d days)", file, *fDays)
|
|
log.Infof("%q : %v", file, cert.NotAfter)
|
|
log.Infof("%q : %v", file, cert.DNSNames)
|
|
retCode += 1
|
|
} else {
|
|
log.Debugf("%q : %v", file, cert.NotAfter)
|
|
log.Debugf("%q : %v", file, cert.DNSNames)
|
|
}
|
|
}
|
|
}
|
|
|
|
os.Exit(retCode)
|
|
}
|