kumistatus/sslexpiry.py

#!/usr/bin/python3

import logging, datetime, setuptools, ssltools, twitools

def getExpiry(host, port, notify, two = twitools.twObject()):
 pbefore = int(setuptools.getSetting("SSL", "pbefore"))
 pafter = int(setuptools.getSetting("SSL", "pafter"))

 try:
  expiry = ssltools.getRemoteExpiry(host, port)
  diff = expiry - datetime.datetime.now()
  if diff < datetime.timedelta(days=pbefore):
   if expiry > datetime.datetime.now():
    two.tweet("@%s %s certificate expiring soon (%s). Please renew." % (notify, host, expiry))
   elif expiry + datetime.timedelta(days=pafter) < datetime.datetime.now():
    two.tweet("@%s %s certificate has expired! (%s) Please renew ASAP!" % (notify, host, expiry))
 except:
  logging.exception("Could not verify certificate.")
  two.tweet("@%s Could not verify SSL certificate on %s:%i. Is the server down?" % (notify, host, port))

if __name__ == "__main__":
 hosts = setuptools.getListSetting("SSL", "hosts")

 for h in hosts:
  getExpiry(h[0], h[1], h[2])