46 lines
1.3 KiB
Bash
46 lines
1.3 KiB
Bash
#!/bin/sh
|
|
|
|
set -e
|
|
|
|
for cert in /var/lib/ocserv/certs/*.crt ; do
|
|
# get email
|
|
email="$(openssl x509 -noout -email -in "${cert}")"
|
|
if [ -z "${email}" ] ; then
|
|
# if emailAddress is not specified in certificate, assume CN is the email
|
|
email="$(openssl x509 -noout -subject -in "${cert}" | sed 's/^.* CN = \([^,]*\).*$/\1/')"
|
|
fi
|
|
if [ -z "${email}" ] ; then
|
|
# bail if we still don’t have an email to send to
|
|
continue
|
|
fi
|
|
|
|
# get number of days the certificate will remain valid for
|
|
end="$(openssl x509 -noout -dateopt iso_8601 -enddate -in "${cert}" | cut -d '=' -f 2)"
|
|
validity="$(( ($(date -d "${end}" +%s) - $(date +%s)) / 86400 ))"
|
|
|
|
# send notice 14 and 7 days before expiry
|
|
if [ "${validity}" -eq 14 ] || [ "${validity}" -eq 7 ] ; then
|
|
/usr/sbin/sendmail -t <<EOF
|
|
To: ${email}
|
|
Bcc: root
|
|
Date: $(date -R)
|
|
Subject: Potek certifikata za FRI VPN
|
|
|
|
Spoštovani,
|
|
|
|
čez ${validity} dni bo potekel FRI VPN certifikat za ${email}. Če dostop še potrebujete, kontaktirajte RC FRI za podaljšanje.
|
|
|
|
Lep pozdrav,
|
|
RC FRI
|
|
|
|
///
|
|
|
|
Hello,
|
|
|
|
in ${validity} days the FRI VPN certificate for ${email} will expire. If you still need access, contact RC FRI for renewal.
|
|
|
|
Best regards,
|
|
RC FRI
|
|
EOF
|
|
fi
|
|
done
|