void-packages/srcpkgs/ca-certificates/files/remove-expired-certs.sh

52 lines
1.1 KiB
Bash
Raw Normal View History

#!/bin/sh
# Begin remove-expired-certs.sh
#
# Version 20120211
# Make sure the date is parsed correctly on all systems
mydate()
{
local y=$( echo $1 | cut -d" " -f4 )
local M=$( echo $1 | cut -d" " -f1 )
local d=$( echo $1 | cut -d" " -f2 )
local m
[ -z "${d}" ] && d="0"
[ "${d}" -lt 10 ] && d="0${d}"
case $M in
Jan) m="01";;
Feb) m="02";;
Mar) m="03";;
Apr) m="04";;
May) m="05";;
Jun) m="06";;
Jul) m="07";;
Aug) m="08";;
Sep) m="09";;
Oct) m="10";;
Nov) m="11";;
Dec) m="12";;
esac
certdate="${y}${m}${d}"
}
DIR="$1"
[ -z "$DIR" ] && DIR=$(pwd)
today=$(date +%Y%m%d)
find ${DIR} -type f -a -iname "*.crt" -printf "%p\n" | while read cert; do
notafter=$(/usr/bin/openssl x509 -enddate -in "${cert}" -noout)
date=$( echo ${notafter} | sed 's/^notAfter=//' )
mydate "$date"
if [ ${certdate} -lt ${today} ]; then
echo "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"
echo "EXPIRED CERTIFICATE FOUND $certdate: \"$(basename ${cert})\""
echo "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"
rm -f "${cert}"
fi
done