域名证书有效期检测

域名证书有效期检测

ssl_test.sh:
#!/bin/bash
# 检测https证书有效期

source /etc/profile



cd $(dirname $0)
echo "域名      解析IP     剩余到期时间" > expire_list
echo "10.3.229.14 访问不可达域名" > time_out_list
for list_file in $(ls *.http_list);do
    grep -Ev "^#" ${list_file} | while read line; do
    echo "====================================================================================="




    echo "当前检测的域名:" $line
    end_time=$(echo | timeout 1 openssl s_client -servername $line -connect $line:443 2>/dev/null | openssl x509 -noout -enddate 2>/dev/null | awk -F '=' '{print $2}' )
    ([ $? -ne 0 ] || [[ $end_time == '' ]]) && echo "$line" >> time_out_list  && continue




    end_times=`date -d "$end_time" +%s `
    #current_times=`date -d "$(date -u '+%b %d %T %Y GMT') " +%s `
    current_times=$(date +%s)




    let left_time=$end_times-$current_times
    days=`expr $left_time / 86400`
    echo "剩余天数: " $days
    domain_ip=$(dig $line | grep $line | grep -Ev '^;' | awk '{print $5}')
    expire_http_line="$line $domain_ip $days"
    [ $days -lt 30 ] && [ $days -gt 0 ] && echo "https 证书有效期少于30天,存在风险" && printf "%-20s %-15s %-2s\n" ${expire_http_line} >> expire_list
    done


done
# 判断,然后发送知音楼
if grep -Ev '^域名' expire_list &>/dev/null; then
    echo "存在风险,推送知音楼"
    python /usr/local/bin/DingDing.py "$(cat expire_list)"
fi

DingDing.py

#!/usr/bin/python
import hashlib
import hmac
import base64
import time
import urllib
import requests
import json
import sys
import os

headers = {'Content-Type': 'application/json;character=utf-8'}
webhook = 'https://yach-oapi.zhiyinlou.com/robot/send?access_token=ZGdteE9ZNFBGbEE0U0Y3NXQreWEvcmtjOXRXM3MrVER6QWpVTmh4M2g4Z3hwc2ZiMjhzeGMxRWtLL1YwRlp6ZA'
message = bytes("Message").encode('utf-8')
secret = 'SECbc28f49eb58bfbd83aa0072824139080'
secret = secret.encode('utf-8')
timestamp = int(round(time.time() * 1000))
timetest = time.time()
data = '{}\n{}'.format(timestamp, secret)
sign = urllib.quote_plus(base64.b64encode(hmac.new(secret, data, digestmod=hashlib.sha256).digest()))
timestamp = str(timestamp)
api_url_zyl = webhook + '&timestamp=' + timestamp + '&sign=' + sign
api_url_dingding = "https://oapi.dingtalk.com/robot/send?access_token=3bc955019f49f3ebbc562c1a84d2ddf5d2524c0f38d63c246aeb312855c8b802"

def msg(text):
    json_text= {
     "msgtype": "text",
     "text": {
         "content": text
     },
     "at": {
         "atMobiles": [
         ],
         "isAtAll": False
     }
    }
    print requests.post(api_url_zyl,json.dumps(json_text),headers=headers).content

if __name__== '__main__':
    text = sys.argv[1]
    msg(text)
posted @ 2022-04-02 14:51  大川哥  阅读(382)  评论(0编辑  收藏  举报