Warn expiring.pl
Aus HC Services
#!/usr/bin/perl -W use warnings; use strict; use DBI; my $DB = "openra"; my $server = "localhost"; my $db = "openca"; my $dbuser = "openca"; my $dbpw = "Blablabla"; my %certlist; my $sendmail = '/usr/sbin/sendmail -t'; my $mailfrom = 'pki@domain.org'; my $serial; my $email; my $name; my $date; my $time; my $days_left; my $dbh = DBI->connect("DBI:mysql:database=$db;host=$server", $dbuser, $dbpw); my $get_expiring = $dbh->prepare('select email, dn, cert_key, date_format(notafter, ' . $dbh->quote('%d.%c.%Y'). ') as date, date_format(notafter, ' . $dbh->quote('%k:%i:%S') . ') as time, datediff(date(notafter), now()) as days_left from really_expiring_certs;'); $get_expiring->execute(); while (my $expiring = $get_expiring->fetchrow_hashref()) { $serial = $expiring->{'cert_key'}; $email = $expiring->{'email'} || $mailfrom; $name = $expiring->{'dn'}; $date = $expiring->{'date'}; $time = $expiring->{'time'}; $days_left = $expiring->{'days_left'}; if ($days_left == 30 || $days_left == 15 || $days_left == 7 || $days_left == 4 || $days_left == 2 || $days_left == 1) { my $subject = 'Certificate with serial number ' . $serial . ' will expire'; my $text = <<EOF; Dear Owner of Certificate $serial, the certificate with the serial $serial and the subject $name will expire at $date, $time clock. ($days_left days until expire) Please visit our webpage to request a new certificate or contact your registration authority to renew the certificate. You can simply reply to this email for further informations. https://ca.domain.org:443 Please remember that the services for which the certificate is used will propably no longer usable if the certificate is expired. Sincerily Yours, Security Staff. EOF open(SENDMAIL, "|$sendmail") or die "Cannot open $sendmail: $!"; print SENDMAIL "From: " . $mailfrom . "\n"; print SENDMAIL "To: ". $email . "\n"; print SENDMAIL "Subject: " . $subject . "\n"; print SENDMAIL "Content-type: text/plain\n\n"; print SENDMAIL $text; close(SENDMAIL); } } $get_expiring->finish();
Zurück zu Warnen vor ablaufenden Zertifikaten