Warn expiring crl
Aus HC Services
#!/usr/bin/perl -W use warnings; use strict; use DBI; my $DB = "openra"; my $server = "localhost"; my $db = "openca"; my $dbuser = "openca"; my $dbpw = "Blablabla"; my %certlist; my $sendmail = '/usr/sbin/sendmail -t'; my $mailfrom = 'pki@domain.org'; my $serial; my $next_update; my $days_left; my $dbh = DBI->connect("DBI:mysql:database=$db;host=$server", $dbuser, $dbpw); my $get_expiring = $dbh->prepare('SELECT CAST(crl_key as UNSIGNED) AS serial, STR_TO_DATE(next_update, ' . $dbh->quote('%b %e %H:%i:%s %Y') . ') AS next_update, datediff(date(STR_TO_DATE(next_update, ' . $dbh->quote('%b %e %H:%i:%s %Y') . ')), now()) as days_left FROM crl ORDER BY 1 DESC LIMIT 1;'); $get_expiring->execute(); my $expiring = $get_expiring->fetchrow_hashref(); $serial = $expiring->{'serial'}; $next_update = $expiring->{'next_update'}; $days_left = $expiring->{'days_left'}; if ($days_left == 30 || $days_left == 15 || $days_left == 7 || $days_left == 4 || $days_left == 2 || $days_left == 1) { my $subject = 'CRL with serial number ' . $serial . ' will needs to be updated'; my $text = <<EOF; Dear PKI team, the CRL with the serial $serial is the latest CRL and needs to be updated. It will expire in $days_left days! Sincerily Yours, Security Staff. EOF open(SENDMAIL, "|$sendmail") or die "Cannot open $sendmail: $!"; print SENDMAIL "From: " . $mailfrom . "\n"; print SENDMAIL "To: ". $mailfrom . "\n"; print SENDMAIL "Subject: " . $subject . "\n"; print SENDMAIL "Content-type: text/plain\n\n"; print SENDMAIL $text; close(SENDMAIL); } $get_expiring->finish();
Zurück zu Warnen vor ablaufenden_CRL's