shell腳本——檢測SSL證書過期時間

        說明：

                1、測試了阿里和又拍雲的，雖然有某域名的證書了，但是輸出結果卻不是購買的證書信息，所以，如果有做cdn，則加host進行檢測的，沒有就無所謂了。

又拍雲cdn測試信息

        Validity
            Not Before: Nov 14 00:00:00 2016 GMT
            Not After : Dec 12 23:59:59 2017 GMT
        Subject: C=CN, ST=zhejiang, L=hangzhou, O=Hangzhou Weiju Network Ltd., OU=\xE6\x8A\x80\xE6\x9C\xAF\xE9\x83\xA8, CN=*.upaiyun.com

                2、這裏只是單域名檢測，多域名，可以加上for循環。

                3、提醒方式，自由發揮。

Shell

#!/bin/bash

domain_name="statics.perofu.com"
ssl_port="443"
#no cdn
host="8.8.8.8 statics.perofu.com"

grep -q "${host}" /etc/hosts || echo "${host}" >> /etc/hosts

ping -c1 114.114.114.114 &> /dev/null
if [ $? -eq 0 ]
then

        ssl_date=$(echo |openssl s_client -connect ${domain_name}:${ssl_port} 2>&1 |sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p'|openssl x509 -text)

        echo "${ssl_date}" | grep 'Subject: CN' | grep -q "${domain_name}"
        if [ $? -eq 0 ]
        then
                tmp_last_date=$(echo "${ssl_date}" | grep 'Not After :' | awk -F' : ' '{print $NF}')
                last_date=$(date -ud "${tmp_last_date}" +%Y-%m-%d" "%H:%M:%S)
                day_count=$(( ($(date -d "${last_date}" +%s) - $(date +%s))/(24*60*60) ))
                echo -e "\e[40;33;1m The [${domain_name}] out of date is : ${last_date} && [${day_count}] \e[0m"
        else
                echo -e "\e[40;31;1m check ssl info isn't the [${domain_name}] ,please check ... \e[0m"
        fi

else
        echo -e "\e[40;31;1m network is down ... \e[0m"
fi

shell輸出結果

 The [statics.perofu.com] out of date is : 2018-05-10 23:59:59 && [343]