diff options
author | Evgeny Zinoviev <me@ch1p.io> | 2022-07-09 23:50:02 +0300 |
---|---|---|
committer | Evgeny Zinoviev <me@ch1p.io> | 2022-07-09 23:50:02 +0300 |
commit | 47bef947d8ec53e92cd20d3f14f92ecd86d9d2b4 (patch) | |
tree | d4bb5465d47c8198154fb7bdea9cc7149bd2b90f |
initial
-rw-r--r-- | LICENSE | 20 | ||||
-rw-r--r-- | README | 4 | ||||
-rw-r--r-- | ssl_check.php | 57 |
3 files changed, 81 insertions, 0 deletions
@@ -0,0 +1,20 @@ +The MIT License (MIT) + +Copyright (c) 2021 Evgeny Zinoviev + +Permission is hereby granted, free of charge, to any person obtaining a copy of +this software and associated documentation files (the "Software"), to deal in +the Software without restriction, including without limitation the rights to +use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of +the Software, and to permit persons to whom the Software is furnished to do so, +subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS +FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR +COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER +IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN +CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. @@ -0,0 +1,4 @@ +Simple PHP script that checks SSL certificates expiration dates for a list of given domains +and notifies you via Telegram if some of them are about to expire. + +Supposed to be run by cron daily or so. diff --git a/ssl_check.php b/ssl_check.php new file mode 100644 index 0000000..3d60b97 --- /dev/null +++ b/ssl_check.php @@ -0,0 +1,57 @@ +#!/usr/bin/env php +<?php + +function notify($text) { + $fields = [ + 'chat_id' => TELEGRAM_CHAT_ID, + 'text' => $text, + ]; + + $ch = curl_init(); + $url = 'https://api.telegram.org/bot'.TELEGRAM_BOT_TOKEN.'/sendMessage'; + curl_setopt($ch, CURLOPT_URL, $url); + curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); + curl_setopt($ch, CURLOPT_POST, true); + curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 10); + curl_setopt($ch, CURLOPT_TIMEOUT, 10); + curl_setopt($ch, CURLOPT_POSTFIELDS, $fields); + curl_exec($ch); + curl_close($ch); +} + +$domains = [ + 'example.com', + 'example.org', + // add domains here +]; +$now = time(); + +const TELEGRAM_CHAT_ID = 0; +const TELEGRAM_BOT_TOKEN = ''; + +foreach ($domains as $d) { + $ipv4 = gethostbyname($d); + if ($ipv4 == $d) { + echo $d.": gethostbyname did not found ipv4\n"; + continue; + } + + $get = stream_context_create([ + 'ssl' => [ + 'capture_peer_cert' => true, + 'verify_peer' => false, + 'verify_peer_name' => false, + 'allow_self_signed' => true, + 'verify_depth' => 0, + ] + ]); + $read = stream_socket_client('ssl://'.$d.':443', $errno, $errstr, 30, STREAM_CLIENT_CONNECT, $get); + $cert = stream_context_get_params($read); + $certinfo = openssl_x509_parse($cert['options']['ssl']['peer_certificate']); + + $valid_to = $certinfo['validTo_time_t']; + if ($valid_to - $now < 86400*7) { + $text = "SSL-сертификат для {$d} истекает ".date('d.m.Y H:i:s', $valid_to); + notify($text); + } +} |