initial upload

2011-01-06 14:04:33 +01:00 · 2011-01-06 14:04:33 +01:00 · 867ac1955d
commit 867ac1955d
10 changed files with 495 additions and 0 deletions
--- a/openssl-chk-crt.sh
+++ b/openssl-chk-crt.sh
@ -0,0 +1,54 @@
+#!/usr/bin/env bash
+# Recursively search for SSL certificate
+# files and display valid period
+#
+# Won't run on Solaris without modifications (find, date etc)
+
+# We need arguments
+if [ "$1" = "-h" -o "$1" = "--help" ]; then
+        echo -e "Usage: `basename $0` [option] [path]"
+        echo -e "Options: -v\tonly show valid certs\r"
+        echo -e "         -e\tonly show expired certs"
+        exit
+fi
+
+# probably(tm) too complicated ;-)
+if [ "$1" = "-e" ]; then
+        ONLY_EXPIRED=TRUE
+        MYPATH="$2"
+elif [ "$1" = "-v" ]; then
+        ONLY_VALID=TRUE
+        MYPATH="$2"
+else
+if [ ! -z $1 ]; then
+        if [ "$2" = "-e" ]; then
+                ONLY_EXPIRED=TRUE
+        elif [ "$2" = "-v" ]; then
+                ONLY_VALID=TRUE
+        else
+                ONLY_VALID=FALSE
+                ONLY_EXPIRED=FALSE
+        fi
+                MYPATH=$1
+else
+        MYPATH="."
+        ONLY_VALID=FALSE
+        ONLY_EXPIRED=FALSE
+fi 
+fi
+
+FOO=`find $MYPATH -type f -iname "*.crt*" | grep -v '.svn'`
+for i in `echo $FOO`; do
+  MYPATH=$(dirname $i)
+  MYFILE=$(basename $i)
+
+  # date conversion
+  DATE_STRING=$(openssl x509 -text -in $i | grep 'Not After' | awk -F": " '{print $2}') 
+  NOT_AFTER=$(date -d "$DATE_STRING" +%s)
+  UNIX2HUMAN=$(date -d "1970-01-01 $NOT_AFTER sec" +%c)
+  if [ $NOT_AFTER -le $(date +%s) ]; then
+        if [ $ONLY_EXPIRED ]; then echo "$MYPATH/$MYFILE" && echo "Certificate expired $UNIX2HUMAN"; fi
+  else
+        if [ $ONLY_VALID ]; then echo "$MYPATH/$MYFILE" && echo "Certificate is valid"; fi
+  fi
+done