-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathsslderp.rb
executable file
·86 lines (68 loc) · 1.64 KB
/
sslderp.rb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
#!/usr/bin/env ruby
require 'net/https'
require 'date'
require 'optparse'
options = {}
opt_parser = OptionParser.new do |opt|
opt.banner = "Usage: sslderp -t <hostname> [OPTIONS]"
options[:verbose] = false
options[:nagios] = false
opt.on("-v", "--verbose", "Be verbose") do
options[:verbose] = true
end
opt.on("-t", "--target HOSTNAME/IP[:PORT]", "Target SSL domain to check") do |target|
options[:target] = target
end
opt.on("-n", "--nagios", "Produce nagios compatible output") do
options[:nagios] = true
end
opt.on("-h", "--help", "Some useful help, derps.") do
puts opt
exit
end
end
begin
opt_parser.parse!
mandatory = [:target]
missing = mandatory.select{ |param| options[param].nil? }
if not missing.empty?
puts "Specifying a target is mandatory."
puts opt_parser
exit
end
rescue OptionParser::InvalidOption, OptionParser::MissingArgument
puts $!.to_s
puts opt_parser
exit 3
end
begin
uri = URI.parse("https://#{options[:target]}")
http = Net::HTTP::new(uri.host,uri.port)
http.use_ssl = true
http.verify_mode = OpenSSL::SSL::VERIFY_NONE
http.start do |h|
@cert = h.peer_cert
end
rescue
puts $!.to_s
exit 3
end
today = Date.today
expiry = Date.parse("#{@cert.not_after}")
days = expiry - today
days = days.truncate
if options[:nagios] == true
if days < 30
if days <15
puts days
exit 2
end
puts days
exit 1
else
puts days
exit 0
end
else
puts days
end