项目作者: codebox

项目描述 :
A Python script for checking when HTTPS certificates will expire
高级语言: Python
项目地址: git://github.com/codebox/https-certificate-expiry-checker.git
创建时间: 2020-11-15T14:51:26Z
项目社区:https://github.com/codebox/https-certificate-expiry-checker

开源协议:MIT License

下载


https-certificate-expiry-checker

This is a Python script for checking the expiry dates of website TLS/SSL certificates, used for creating secure HTTPS connections.

To use the script simply run it from the command line, along with a list of the domain names you wish to check. For example:

  1. > python check-certificates.py codebox.net www.codebox.net api.codebox.net oldtime.radio c0debox.net
  2. Checking 5 endpoints...
  3. codebox.net OK expires in 48 days
  4. www.codebox.net OK expires in 48 days
  5. api.codebox.net OK expires in 48 days
  6. oldtime.radio WARN expires in 6 days 21 hours 13 minutes
  7. c0debox.net ERROR [Errno 8] nodename nor servname provided, or not known

The script will list the status of each domain’s certificate, displaying ‘OK‘ if the certificate was retrieved and is not expiring soon, ‘WARN‘ if the certificate’s expiry date is getting close, or ‘ERROR‘ if the certificate has already expired, or if there is some other problem such as the host could not be found, or no certificate could be retrieved.

By default ‘WARN‘ will be displayed if there are less than 7 days until a certificate expires, but this interval can be changed by altering the value of the WARN_IF_DAYS_LESS_THAN variable.

If any of the domains are using a non-standard port for HTTPS then this should be specified using the usual notation of host:port, for example:

  1. > python check-certificates.py test.codebox.net:8443

The script returns an exit code indicating whether the checks passed or not, making it easier to take appropriate action in a shell script (for example, send a email if the checks fail):

Condition Exit Code
Everything is fine, none of the certificates are expiring soon 0
At least one certificate is expiring soon 1
At least one certificate has expired, is invalid, or could not be retrieved 2
Both of the previous conditions occurred 3
No domain list was provided when running the script 9

Certificate checks are performed in parallel, making the process of checking multiple domains much quicker. The number of concurrent checks that will be performed is determined by the value of the WORKER_THREAD_COUNT variable.