#!/bin/bash
# Author: royoy
# Desc: check the valid time of your domainName cer
# Eg: bash ssl_check.sh "域名1" "域名2" ...
openssl_bin="$(which openssl)"
domainNames="${*:?域名不能为空}"
for domainName in ${domainNames}
do
cer_exp_time_eng="$(echo | $openssl_bin s_client -servername $domainName -connect $domainName:443 2>/dev/null | openssl x509 -noout -dates 2>&1 | awk -F"[=GMT]" '/notAfter/{print $2}')"
if [ -z "$cer_exp_time_eng" ];then echo "[$domainName] invalid";continue;fi
cer_exp_time_common="$(date "+%Y %m %d %H %M %S" -d "$cer_exp_time_eng")"
current_time="$(date "+%Y %m %d %H %M %S")"
valid_time="$(awk 'BEGIN{exp_time=mktime("'"$cer_exp_time_common"'");cur_time=mktime("'"$current_time"'");days=(exp_time-cur_time)/86400;print "域名['"$domainName"']当前证书有效期剩余天数: "days}')"
echo $valid_time
done
