#!/usr/bin/env bash EMAIL_TO="empfänger@adresse.tld" EMAIL_FROM="absender@adresse.tld" #Ablaufdatum in Tagen EXPIRE=25 LOG_FILE="/var/log/plesk_ssl_check.log" CONF_PATHS=$(find /etc/apache2/plesk.conf.d/vhosts/ /etc/httpd/conf/plesk.conf.d/vhosts/ 2>/dev/null -name "*.conf") [ -z "$CONF_PATHS" ] && echo "$(date) - Keine Vhost-Konfigurationen gefunden.">> "$LOG_FILE" && exit 1 TMPFILE=$(mktemp) ALERT=0 # Zertifikatdaten sammeln for conf in $CONF_PATHS; do DOMAIN=$(basename "$conf" .conf) CERT_PATH=$(grep -i 'SSLCertificateFile' "$conf" | awk '{print $2}' | head -n1) [ -z "$CERT_PATH" ] && continue if [ ! -f "$CERT_PATH" ]; then echo "$DOMAIN|$CERT_PATH|Datei nicht gefunden!|***|0">> "$TMPFILE" ALERT=1 continue fi END_DATE_RAW=$(openssl x509 -in "$CERT_PATH" -noout -enddate 2>/dev/null) END_DATE=$(echo "$END_DATE_RAW" | cut -d= -f2) if [ -n "$END_DATE" ]; then EXP_TS=$(date -d "$END_DATE" +%s 2>/dev/null) NOW_TS=$(date +%s) DIFF_DAYS=$(( (EXP_TS - NOW_TS) / 86400 )) else END_DATE="Unbekannt" EXP_TS=0 DIFF_DAYS=999 fi MARKER="" if [ "$EXP_TS" -eq 0 ] || [ "$DIFF_DAYS" -le $EXPIRE ]; then MARKER="***" ALERT=1 fi CERT_FILE=$(basename "$CERT_PATH") echo "$DOMAIN|$CERT_FILE|$END_DATE|$MARKER|$EXP_TS">> "$TMPFILE" done TMPFILE_SORTED=$(mktemp) { echo "SSL-Zertifikatsreport für $(date)" echo printf "%-25s %-25s %-25s %-15s %-5s\n" "Domain" "Zertifikat-Datei" "Ablaufdatum" "Verbleibend" "Hinweis" echo "----------------------------------------------------------------------------------------------------------------------------" sort -t'|' -k5,5n "$TMPFILE" | while IFS='|' read -r DOMAIN CERT_PATH END_DATE MARKER EXP_TS; do if [ "$EXP_TS" -eq 0 ]; then DATE_PART="$END_DATE" AGE_PART="" else NOW=$(date +%s) DIFF_DAYS=$(( (EXP_TS - NOW) / 86400 )) DATE_PART="$END_DATE" AGE_PART="in $DIFF_DAYS Tagen" fi printf "%-25s %-25s %-25s %-15s %-5s\n" "$DOMAIN" "$CERT_PATH" "$DATE_PART" "$AGE_PART" "$MARKER" done printf "\n\n\n" }> "$TMPFILE_SORTED" # Report in Variable lesen REPORT=$(cat "$TMPFILE_SORTED") # In Log schreiben echo -e "$REPORT">> "$LOG_FILE" # Mail senden, wenn nötig if [ "$ALERT" -eq 1 ]; then # HTML-Mail aufbauen MAIL_HTML="" MAIL_HTML+="

ACHTUNG: Plesk SSL-Zertifikate laufen bald ab!

" MAIL_HTML+="" MAIL_HTML+="" # Zeilen aus temporärer Datei auslesen while IFS='|' read -r DOMAIN CERT_PATH END_DATE MARKER EXP_TS; do # Wenn Marker *** (bald ablaufend), dann rot färben if [ "$MARKER" = "***" ]; then ROW_COLOR=" style='background-color:#ffcccc;'" # Hellrot else ROW_COLOR="" fi if [ "$EXP_TS" -eq 0 ]; then AGE_PART="" else NOW_TS=$(date +%s) DIFF_DAYS=$(( (EXP_TS - NOW_TS) / 86400 )) AGE_PART="$DIFF_DAYS Tage" fi MAIL_HTML+="" done <"$TMPFILE" MAIL_HTML+="
DomainZertifikat-DateiAblaufdatumRestzeit
$DOMAIN$CERT_PATH$END_DATE$AGE_PART
" /usr/sbin/sendmail -f $EMAIL_FROM $EMAIL_TO < Logrotate einrichten: nano /etc/logrotate.d/plesk_ssl_check /var/log/plesk_ssl_check.log { monthly rotate 4 compress missingok notifempty create 640 root adm su root root postrotate endscript } Logrotate testen: logrotate --force /etc/logrotate.d/plesk_ssl_check