shell脚本检测ssl证书有效时间

 

[ytx@work shell]$ cat ssl_check.sh 
#!/bin/bash

# 设置要检查的域名和端口
DOMAIN="www.xxx.com"  #域名
PORT=443              #端口

# 获取SSL证书信息
CERT_INFO=$(openssl s_client -connect ${DOMAIN}:${PORT} -servername ${DOMAIN} -showcerts </dev/null 2>/dev/null | openssl x509 -dates -noout)

# 提取证书过期日期信息
START_DATE=$(echo "${CERT_INFO}" | grep "notBefore" | cut -d'=' -f 2)
END_DATE=$(echo "${CERT_INFO}" | grep "notAfter" | cut -d'=' -f 2)

# 将日期转换为Unix时间戳
START_TIMESTAMP=$(date -d "${START_DATE}" +%s)
END_TIMESTAMP=$(date -d "${END_DATE}" +%s)
CURRENT_TIMESTAMP=$(date +%s)

# 计算剩余天数
DAYS_REMAINING=$(( (${END_TIMESTAMP} - ${CURRENT_TIMESTAMP}) / 86400 ))

# 输出结果
echo "SSL证书信息:"
echo " - 域名: ${DOMAIN}"
echo " - 证书开始日期: ${START_DATE}"
echo " - 证书过期日期: ${END_DATE}"
echo " - 剩余天数: ${DAYS_REMAINING} 天"

# 检查是否过期
if [ ${CURRENT_TIMESTAMP} -gt ${END_TIMESTAMP} ]; then
  echo "证书已过期！"
else
  echo "证书在有效期内。"
fi

 

执行结果：