cert-expirations.sh: search for valid certificates in the index file rather than in a directory where files could be deleted with the certificates still being valids
This commit is contained in:
parent
92ee845207
commit
4b2b8a95ff
|
@ -16,9 +16,11 @@ openssl x509 -enddate -noout -in /etc/shellpki/cacert.pem \
|
||||||
echo ""
|
echo ""
|
||||||
|
|
||||||
echo "Client certificates:"
|
echo "Client certificates:"
|
||||||
grep "Not After" -r /etc/shellpki/certs/ \
|
cat /etc/shellpki/index.txt \
|
||||||
| sed -e "s/^.*certs\/\([-._@a-zA-Z0-9]*\).*After\ :\ \(.*\).*GMT$/\2\1X/" \
|
| grep ^V \
|
||||||
| sed -e "s/^\(.*\)\ \(20..\)\ \(.*\)$/- \2 \1 \3/" \
|
| awk -F "/" '{print $1,$5}' \
|
||||||
| tr "X" "\n" \
|
| awk '{print $2,$5}' \
|
||||||
| sed '/^$/d' \
|
| sed 's/CN=//' \
|
||||||
|
| sed -E 's/([[:digit:]]{2})([[:digit:]]{2})([[:digit:]]{2})([[:digit:]]{2})([[:digit:]]{2})([[:digit:]]{2})Z (.*)/- 20\1 \2 \3 \4:\5:\6 \7/' \
|
||||||
|
| awk '{if ($3 == "01") $3="Jan"; else if ($3 == "02") $3="Feb"; else if ($3 == "03") $3="Mar"; else if ($3 == "04") $3="Apr"; else if ($3 == "05") $3="May"; else if ($3 == "06") $3="Jun"; else if ($3 == "07") $3="Jul"; else if ($3 == "08") $3="Aug"; else if ($3 == "09") $3="Sep"; else if ($3 == "10") $3="Oct"; else if ($3 == "11") $3="Nov"; else if ($3 == "12") $3="Dec"; print $0;}' \
|
||||||
| sort -n -k 2 -k 3M -k 4
|
| sort -n -k 2 -k 3M -k 4
|
||||||
|
|
Loading…
Reference in a new issue