Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
20.7 Legacy Series
»
script to test for opnsense certificates about to expire.
« previous
next »
Print
Pages: [
1
]
Author
Topic: script to test for opnsense certificates about to expire. (Read 1471 times)
hboetes
Newbie
Posts: 15
Karma: 4
script to test for opnsense certificates about to expire.
«
on:
December 30, 2020, 01:50:06 pm »
To warn me before certificates expire I wrote this little script. I hope this might be useful to someone.
If anyone knows about a more elegant method — preferably already implemented in opnsense itself — please let me know.
#!/bin/sh
# Email recipient of the warning emails.
recp=root
# List of servers
servers="firewall01 firewall02 firewall03"
nextmonth=$(TZ=GMT LC_TIME=C date '+%b.*%Y' --date='00:00 next Month')
for server in $servers; do
exp=$(ssh root@$server openssl x509 -in /var/etc/cert.pem -text -noout | grep 'Not After')
if echo $exp|grep -q $nextmonth; then
msg="${server}'s certificate is about to expire, go fix that ASAP"
echo "$msg" | mail -s "$msg" $recp
fi
done
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
20.7 Legacy Series
»
script to test for opnsense certificates about to expire.
