149 lines
4.4 KiB
Plaintext
149 lines
4.4 KiB
Plaintext
|
#!/bin/bash
|
|||
|
|
|
|||
|
|
# Schwellwerte definieren
|
|||
|
|
warn=40
|
|||
|
|
crit=10
|
|||
|
|
max_days=365.0
|
|||
|
|
|
|||
|
|
# Liste der Domains
|
|||
|
|
DOMAINS=(
|
|||
|
|
"ad.ghnit.net"
|
|||
|
|
"aduxa.de"
|
|||
|
|
"api.distributors-network.com"
|
|||
|
|
"aurenz.gc-gruppe.net"
|
|||
|
|
"avdelinger.heidenreich.no"
|
|||
|
|
"bimsplus24.com.pl"
|
|||
|
|
"bimsplus24.pl"
|
|||
|
|
"city-log.de"
|
|||
|
|
"conel.de"
|
|||
|
|
"cordesundgraefe-stiftung.de"
|
|||
|
|
"corpo-group.com"
|
|||
|
|
"cosmo-info.de"
|
|||
|
|
"cpi-dev.ad.ghnit.net"
|
|||
|
|
"cpi-prod.ad.ghnit.net"
|
|||
|
|
"cpi-test.ad.ghnit.net"
|
|||
|
|
"datpool.net"
|
|||
|
|
"dev.rz.gc-gruppe.net"
|
|||
|
|
"developer.distributors-network.com"
|
|||
|
|
"distributors-network.com"
|
|||
|
|
"dtg-handel.de"
|
|||
|
|
"dtgonlineplus.de"
|
|||
|
|
"edvstatus.gc-gruppe.de"
|
|||
|
|
"efg-gruppe.de"
|
|||
|
|
"efgonlineplus.de"
|
|||
|
|
"elements-a.de"
|
|||
|
|
"elements-show.at"
|
|||
|
|
"elements-show.de"
|
|||
|
|
"fkr.de"
|
|||
|
|
"fkronlineplus.de"
|
|||
|
|
"gc-gruppe.at"
|
|||
|
|
"gc-gruppe.de"
|
|||
|
|
"gc-gruppe.net"
|
|||
|
|
"gc-neuheiten-messe.de"
|
|||
|
|
"gcg-cee-fr-133.mra.datpool.net"
|
|||
|
|
"gconlineplus.at"
|
|||
|
|
"gconlineplus.be"
|
|||
|
|
"gconlineplus.de"
|
|||
|
|
"gconlineplus.hu"
|
|||
|
|
"grosshaendlernetzwerk.at"
|
|||
|
|
"grosshaendlernetzwerk.de"
|
|||
|
|
"gut-gruppe.de"
|
|||
|
|
"gutonlineplus.de"
|
|||
|
|
"heidenreich-online.no"
|
|||
|
|
"hti24.com.pl"
|
|||
|
|
"hti24.pl"
|
|||
|
|
"hti-bulgaria.com"
|
|||
|
|
"hti-handel.de"
|
|||
|
|
"htionlineplus.at"
|
|||
|
|
"htionlineplus.de"
|
|||
|
|
"huelsenonlineplus.de"
|
|||
|
|
"hydrosolar24.com.pl"
|
|||
|
|
"hydrosolar24.pl"
|
|||
|
|
"hydrosolaronline.pl"
|
|||
|
|
"i-log.de"
|
|||
|
|
"itg-handel.de"
|
|||
|
|
"itgonlineplus.com"
|
|||
|
|
"itgonlineplus.de"
|
|||
|
|
"jobs.karriere-chancen.net"
|
|||
|
|
"kuechenstil.de"
|
|||
|
|
"laponeonlineplus.de"
|
|||
|
|
"lvmatcher2.gc-gruppe.net"
|
|||
|
|
"lvmatcher.gc-gruppe.net"
|
|||
|
|
"nfg-gruppe.at"
|
|||
|
|
"nfg-gruppe.de"
|
|||
|
|
"nfgonlineplus.de"
|
|||
|
|
"onlineplus.store"
|
|||
|
|
"poesis.de"
|
|||
|
|
"productdataportal.com"
|
|||
|
|
"produktdatenportal.gc-gruppe.de"
|
|||
|
|
"red-de-distribuidores.es"
|
|||
|
|
"rz.gc-gruppe.net"
|
|||
|
|
"sap.gc-gruppe.net"
|
|||
|
|
"schachtplaner.de"
|
|||
|
|
"servicequadrat.info"
|
|||
|
|
"siabiosca.com"
|
|||
|
|
"sistems.at"
|
|||
|
|
"sistems.de"
|
|||
|
|
"tecget.de"
|
|||
|
|
"tfg-gruppe.de"
|
|||
|
|
"tfgonlineplus.de"
|
|||
|
|
"trinnity.de"
|
|||
|
|
"vigour.de"
|
|||
|
|
"vigour.es"
|
|||
|
|
"wconfigure.com"
|
|||
|
|
"armtestrz05.rz.gc-gruppe.net"
|
|||
|
|
)
|
|||
|
|
|
|||
|
|
# Funktion zur Prüfung eines Zertifikats
|
|||
|
|
check_certificate() {
|
|||
|
|
DOMAIN=$1
|
|||
|
|
TIMEOUT=2
|
|||
|
|
|
|||
|
|
# Port je nach Domain setzen
|
|||
|
|
if [ "$DOMAIN" == "armtestrz05.rz.gc-gruppe.net" ]; then
|
|||
|
|
PORT=8443
|
|||
|
|
else
|
|||
|
|
PORT=443
|
|||
|
|
fi
|
|||
|
|
|
|||
|
|
# Ablaufdatum des Zertifikats abrufen mit Timeout und Fehlerausgabe unterdrücken
|
|||
|
|
EXPIRY_DATE=$(timeout $TIMEOUT openssl s_client -connect $DOMAIN:$PORT -servername $DOMAIN 2>/dev/null | openssl x509 -noout -enddate 2>/dev/null | cut -d= -f2)
|
|||
|
|
|
|||
|
|
if [ -z "$EXPIRY_DATE" ]; then
|
|||
|
|
echo "2 SSL_CERT_$DOMAIN remaining_days=0;$warn;$crit;0;$max_days CRITICAL - Das Zertifikat für $DOMAIN konnte nicht abgerufen werden (Timeout). | remaining_days=0;$warn;$crit;0;$max_days"
|
|||
|
|
return 2
|
|||
|
|
fi
|
|||
|
|
|
|||
|
|
# Ablaufdatum in Sekunden seit dem Unix-Epoch umrechnen
|
|||
|
|
EXPIRY_DATE_SECONDS=$(date -d "$EXPIRY_DATE" +%s)
|
|||
|
|
|
|||
|
|
# Aktuelles Datum in Sekunden seit dem Unix-Epoch
|
|||
|
|
CURRENT_DATE_SECONDS=$(date +%s)
|
|||
|
|
|
|||
|
|
# Verbleibende Tage berechnen
|
|||
|
|
REMAINING_DAYS=$(( (EXPIRY_DATE_SECONDS - CURRENT_DATE_SECONDS) / 86400 ))
|
|||
|
|
|
|||
|
|
# CheckMK Status und Nachricht definieren
|
|||
|
|
if [ $REMAINING_DAYS -le $crit ]; then
|
|||
|
|
echo "2 SSL_CERT_$DOMAIN remaining_days=$REMAINING_DAYS;$warn;$crit;0;$max_days CRITICAL - Das Zertifikat für $DOMAIN läuft in $REMAINING_DAYS Tagen ab. | remaining_days=$REMAINING_DAYS;$warn;$crit;0;$max_days"
|
|||
|
|
return 2
|
|||
|
|
elif [ $REMAINING_DAYS -le $warn ]; then
|
|||
|
|
echo "1 SSL_CERT_$DOMAIN remaining_days=$REMAINING_DAYS;$warn;$crit;0;$max_days WARNING - Das Zertifikat für $DOMAIN läuft in $REMAINING_DAYS Tagen ab. | remaining_days=$REMAINING_DAYS;$warn;$crit;0;$max_days"
|
|||
|
|
return 1
|
|||
|
|
else
|
|||
|
|
echo "0 SSL_CERT_$DOMAIN remaining_days=$REMAINING_DAYS;$warn;$crit;0;$max_days OK - Das Zertifikat für $DOMAIN läuft in $REMAINING_DAYS Tagen ab. | remaining_days=$REMAINING_DAYS;$warn;$crit;0;$max_days"
|
|||
|
|
return 0
|
|||
|
|
fi
|
|||
|
|
}
|
|||
|
|
|
|||
|
|
# Hauptschleife zur Prüfung aller Domains
|
|||
|
|
overall_status=0
|
|||
|
|
for domain in "${DOMAINS[@]}"; do
|
|||
|
|
check_certificate $domain
|
|||
|
|
status=$?
|
|||
|
|
if [ $status -gt $overall_status ]; then
|
|||
|
|
overall_status=$status
|
|||
|
|
fi
|
|||
|
|
done
|
|||
|
|
|
|||
|
|
exit $overall_status
|