crypto-utils/certwatch.cron

#!/bin/bash
#
# Issue warning e-mails if SSL certificates expire, using
# certwatch(1).  Set NOCERTWATCH=yes in /etc/sysconfig/httpd
# to disable.  Pass additional options to certwatch in the
# CERTWATCH_OPTS variable; see the man page for details.
# 

[ -r /etc/sysconfig/httpd ] && . /etc/sysconfig/httpd

# Use configured httpd binary
httpd=${HTTPD-/usr/sbin/httpd}

# Sanity checks
test -z "${NOCERTWATCH}" || exit 0
test -x ${httpd} || exit 0
test -x /usr/bin/certwatch || exit 0
test -r /etc/httpd/conf/httpd.conf || exit 0
test -x /usr/sbin/sendmail || exit 0
test -x /etc/httpd/modules/mod_ssl.so || exit 0
test -x /bin/sort || exit 0

set -o pipefail # pick up exit code of httpd not sort

certs=`${httpd} ${OPTIONS} -t -DDUMP_CERTS 2>/dev/null | /bin/sort -u`
RETVAL=$?
test $RETVAL -eq 0 || exit 0

for c in $certs; do
  # Check whether a warning message is needed, then issue one if so.
  /usr/bin/certwatch $CERTWATCH_OPTS -q "$c" && 
    /usr/bin/certwatch $CERTWATCH_OPTS "$c" | /usr/sbin/sendmail -oem -oi -t 2>/dev/null
done
- certwatch: prevent warnings for duplicate certs (#103807) - make /etc/cron.daily/certwatch 0755 (#141003) - add genkey(1) man page (#134821) 2005-02-15 16:30:01 +00:00			`#!/bin/bash`
- add /usr/bin/certwatch - support --days argument to genkey (#131045) 2004-09-10 14:16:06 +00:00			`#`
			`# Issue warning e-mails if SSL certificates expire, using`
- pass $OPTIONS to $HTTPD in certwatch.cron - man page tweaks 2005-04-26 12:39:15 +00:00			`# certwatch(1). Set NOCERTWATCH=yes in /etc/sysconfig/httpd`
- add configuration options for certwatch (#152990) - allow passing options in certwatch.cron via $CERTWATCH_OPTS - require openssl with /etc/pki/tls 2005-04-26 09:20:45 +00:00			`# to disable. Pass additional options to certwatch in the`
- pass $OPTIONS to $HTTPD in certwatch.cron - man page tweaks 2005-04-26 12:39:15 +00:00			`# CERTWATCH_OPTS variable; see the man page for details.`
- add /usr/bin/certwatch - support --days argument to genkey (#131045) 2004-09-10 14:16:06 +00:00			`#`

			`[ -r /etc/sysconfig/httpd ] && . /etc/sysconfig/httpd`

			`# Use configured httpd binary`
			`httpd=${HTTPD-/usr/sbin/httpd}`

			`# Sanity checks`
			`test -z "${NOCERTWATCH}" \|\| exit 0`
			`test -x ${httpd} \|\| exit 0`
			`test -x /usr/bin/certwatch \|\| exit 0`
			`test -r /etc/httpd/conf/httpd.conf \|\| exit 0`
			`test -x /usr/sbin/sendmail \|\| exit 0`
			`test -x /etc/httpd/modules/mod_ssl.so \|\| exit 0`
- certwatch: prevent warnings for duplicate certs (#103807) - make /etc/cron.daily/certwatch 0755 (#141003) - add genkey(1) man page (#134821) 2005-02-15 16:30:01 +00:00			`test -x /bin/sort \|\| exit 0`
- add /usr/bin/certwatch - support --days argument to genkey (#131045) 2004-09-10 14:16:06 +00:00
- certwatch: prevent warnings for duplicate certs (#103807) - make /etc/cron.daily/certwatch 0755 (#141003) - add genkey(1) man page (#134821) 2005-02-15 16:30:01 +00:00			`set -o pipefail # pick up exit code of httpd not sort`

- pass $OPTIONS to $HTTPD in certwatch.cron - man page tweaks 2005-04-26 12:39:15 +00:00			certs=`${httpd} ${OPTIONS} -t -DDUMP_CERTS 2>/dev/null \| /bin/sort -u`
- add /usr/bin/certwatch - support --days argument to genkey (#131045) 2004-09-10 14:16:06 +00:00			`RETVAL=$?`
			`test $RETVAL -eq 0 \|\| exit 0`

			`for c in $certs; do`
			`# Check whether a warning message is needed, then issue one if so.`
- add configuration options for certwatch (#152990) - allow passing options in certwatch.cron via $CERTWATCH_OPTS - require openssl with /etc/pki/tls 2005-04-26 09:20:45 +00:00			`/usr/bin/certwatch $CERTWATCH_OPTS -q "$c" &&`
			`/usr/bin/certwatch $CERTWATCH_OPTS "$c" \| /usr/sbin/sendmail -oem -oi -t 2>/dev/null`
- add /usr/bin/certwatch - support --days argument to genkey (#131045) 2004-09-10 14:16:06 +00:00			`done`