52 lines
1.1 KiB
Bash
52 lines
1.1 KiB
Bash
|
#!/bin/sh
|
||
|
# Begin remove-expired-certs.sh
|
||
|
#
|
||
|
# Version 20120211
|
||
|
|
||
|
# Make sure the date is parsed correctly on all systems
|
||
|
mydate()
|
||
|
{
|
||
|
local y=$( echo $1 | cut -d" " -f4 )
|
||
|
local M=$( echo $1 | cut -d" " -f1 )
|
||
|
local d=$( echo $1 | cut -d" " -f2 )
|
||
|
local m
|
||
|
|
||
|
[ -z "${d}" ] && d="0"
|
||
|
[ "${d}" -lt 10 ] && d="0${d}"
|
||
|
|
||
|
case $M in
|
||
|
Jan) m="01";;
|
||
|
Feb) m="02";;
|
||
|
Mar) m="03";;
|
||
|
Apr) m="04";;
|
||
|
May) m="05";;
|
||
|
Jun) m="06";;
|
||
|
Jul) m="07";;
|
||
|
Aug) m="08";;
|
||
|
Sep) m="09";;
|
||
|
Oct) m="10";;
|
||
|
Nov) m="11";;
|
||
|
Dec) m="12";;
|
||
|
esac
|
||
|
|
||
|
certdate="${y}${m}${d}"
|
||
|
}
|
||
|
|
||
|
DIR="$1"
|
||
|
[ -z "$DIR" ] && DIR=$(pwd)
|
||
|
|
||
|
today=$(date +%Y%m%d)
|
||
|
|
||
|
find ${DIR} -type f -a -iname "*.crt" -printf "%p\n" | while read cert; do
|
||
|
notafter=$(/usr/bin/openssl x509 -enddate -in "${cert}" -noout)
|
||
|
date=$( echo ${notafter} | sed 's/^notAfter=//' )
|
||
|
mydate "$date"
|
||
|
|
||
|
if [ ${certdate} -lt ${today} ]; then
|
||
|
echo "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"
|
||
|
echo "EXPIRED CERTIFICATE FOUND $certdate: \"$(basename ${cert})\""
|
||
|
echo "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"
|
||
|
rm -f "${cert}"
|
||
|
fi
|
||
|
done
|