#!/bin/bash
# Author: royoy
# Desc: check the valid time of your domainName cer
# Eg: bash ssl_check.sh "域名1" "域名2" ...
openssl_bin="$(which openssl)"
domainNames="${*:?域名不能为空}"
current_time="$(date "+%Y %m %d %H %M %S")"
for domainName in ${domainNames}
do
cer_query_info="$(echo | openssl s_client -connect $domainName:443 2> >(awk '/depth=0 CN = /{print $4}') > >(openssl x509 -noout -dates | awk -F"[=GMT]" '/notAfter/{print $2}'))"
cer_exp_time_eng="$(echo $cer_query_info | awk '{$NF="";print $0}')"
host_domainName="$(echo $cer_query_info | awk '{print $NF}')"
cer_exp_time_common="$(date "+%Y %m %d %H %M %S" -d "$cer_exp_time_eng")"
valid_time="$(awk 'BEGIN{exp_time=mktime("'"$cer_exp_time_common"'");cur_time=mktime("'"$current_time"'");days=(exp_time-cur_time)/86400;print days}')"
if [ -z "$cer_exp_time_eng" ];then echo "[$domainName] invalid or not found a host";continue;fi
if [ "$host_domainName" != "$domainName" ];then
echo '-------------------------------------------------------------'
echo "域名[$domainName]没有有效的证书"
echo "域名[$domainName]所在的主机下有另外一个域名:[$host_domainName]"
echo "域名[$host_domainName]当前证书有效期剩余天数: $valid_time"
echo '-------------------------------------------------------------'
else
echo '-------------------------------------------------------------'
echo "域名[$domainName]当前证书有效期剩余天数: $valid_time"
echo '-------------------------------------------------------------'
fi
done
