Überprüfen des Ablaufdatums des SSL-Zertifikats
Das folgende Skript ist ein Dienstprogramm zum Überprüfen des Ablaufdatums von SSL-Zertifikaten eines beliebigen Hosts.
Es zeigt die verbleibende Gültigkeitsdauer des Hosts und – wenn diese innerhalb von 14 Tagen ablaufen – auch der „Intermediate“- und „Root“-Zertifikate an.
😉
function checkHost(host){
var url = new java.net.URL("https://" + host);
var result ="";
try {
var conn = url.openConnection();
conn.connect();
var certs = conn.getServerCertificates();
for (var i=0; i<certs.length;i++) {
var xc = certs[i];
var dn = xc.getSubjectDN().getName();
var expiresOn = xc.getNotAfter();
var now = new Date();
println("issuer: " + xc.getIssuerDN());
println("subject DN: " + xc.getSubjectDN());
var days = (expiresOn.getTime() - now.getTime()) / (1000 * 60 * 60 * 24);
if(dn.contains(host) || days<14){
result+=host + ": certificate for "+dn+" expires on :" + expiresOn + ", "+ days + " days to go.\n";
}
}
}
catch (e) {
e.printStackTrace();
return(host + " could not establish connection. Please check!\n");
}
return result;
}
task.description="";
task.description+=checkHost("myhost.com");
task.description+=checkHost("www.google.com");
var url = new java.net.URL("https://" + host);
var result ="";
try {
var conn = url.openConnection();
conn.connect();
var certs = conn.getServerCertificates();
for (var i=0; i<certs.length;i++) {
var xc = certs[i];
var dn = xc.getSubjectDN().getName();
var expiresOn = xc.getNotAfter();
var now = new Date();
println("issuer: " + xc.getIssuerDN());
println("subject DN: " + xc.getSubjectDN());
var days = (expiresOn.getTime() - now.getTime()) / (1000 * 60 * 60 * 24);
if(dn.contains(host) || days<14){
result+=host + ": certificate for "+dn+" expires on :" + expiresOn + ", "+ days + " days to go.\n";
}
}
}
catch (e) {
e.printStackTrace();
return(host + " could not establish connection. Please check!\n");
}
return result;
}
task.description="";
task.description+=checkHost("myhost.com");
task.description+=checkHost("www.google.com");