python脚本监听域名证书过期时间并通知消息到钉钉(最新推荐)
作者:yunson_Liu
版本一:
执行脚本带上 --dingtalk-webhook和–domains后指定钉钉token和域名
python3 ssl_spirtime.py --dingtalk-webhook https://oapi.dingtalk.com/robot/send?access_token=avd345324 --domains www.abc1.com www.abc2.com www.abc3.com
脚本如下
#!/usr/bin/python3 import ssl import socket from datetime import datetime import argparse import requests def get_ssl_cert_expiration(domain, port=443): context = ssl.create_default_context() conn = context.wrap_socket(socket.socket(socket.AF_INET), server_hostname=domain) conn.connect((domain, port)) cert = conn.getpeercert() conn.close() # Extract the expiration date from the certificate not_after = cert['notAfter'] # Convert the date string to a datetime object expiration_date = datetime.strptime(not_after, '%b %d %H:%M:%S %Y %Z') return expiration_date def send_dingtalk_message(webhook_url, message): headers = {'Content-Type': 'application/json'} payload = { "msgtype": "text", "text": { "content": message } } response = requests.post(webhook_url, json=payload, headers=headers) if response.status_code == 200: print("Message sent successfully to DingTalk") else: print(f"Failed to send message to DingTalk. HTTP Status Code: {response.status_code}") if __name__ == "__main__": parser = argparse.ArgumentParser(description="Test SSL certificate expiration for multiple domains") parser.add_argument("--dingtalk-webhook", required=True, help="DingTalk webhook URL") parser.add_argument("--domains", nargs='+', required=True, help="List of domains to test SSL certificate expiration") args = parser.parse_args() for domain in args.domains: expiration_date = get_ssl_cert_expiration(domain) current_date = datetime.now() days_remaining = (expiration_date - current_date).days print(f"SSL certificate for {domain} expires on {expiration_date}") print(f"Days remaining: {days_remaining} days") if days_remaining < 300: message = f"SSL certificate for {domain} will expire on {expiration_date}. Only {days_remaining} days remaining." send_dingtalk_message(args.dingtalk_webhook, message)
版本二
执行脚本带上 --dingtalk-webhook、–secret和–domains后指定钉钉token、密钥和域名
python3 ssl_spirtime4.py --dingtalk-webhook https://oapi.dingtalk.com/robot/send?access_token=abdcsardaef--secret SEC75bcc2abdfd --domains www.abc1.com www.abc2.com www.abc3.com
#!/usr/bin/python3 import ssl import socket from datetime import datetime import argparse import requests import hashlib import hmac import base64 import time def get_ssl_cert_expiration(domain, port=443): context = ssl.create_default_context() conn = context.wrap_socket(socket.socket(socket.AF_INET), server_hostname=domain) conn.connect((domain, port)) cert = conn.getpeercert() conn.close() # Extract the expiration date from the certificate not_after = cert['notAfter'] # Convert the date string to a datetime object expiration_date = datetime.strptime(not_after, '%b %d %H:%M:%S %Y %Z') return expiration_date def send_dingtalk_message(webhook_url, secret, message): headers = {'Content-Type': 'application/json'} # Get the current timestamp in milliseconds timestamp = str(int(round(time.time() * 1000))) # Combine timestamp and secret to create a sign string sign_string = f"{timestamp}\n{secret}" # Calculate the HMAC-SHA256 signature sign = base64.b64encode(hmac.new(secret.encode(), sign_string.encode(), hashlib.sha256).digest()).decode() # Create the payload with the calculated signature payload = { "msgtype": "text", "text": { "content": message }, "timestamp": timestamp, "sign": sign } response = requests.post(f"{webhook_url}×tamp={timestamp}&sign={sign}", json=payload, headers=headers) if response.status_code == 200: print("Message sent successfully to DingTalk") else: print(f"Failed to send message to DingTalk. HTTP Status Code: {response.status_code}") if __name__ == "__main__": parser = argparse.ArgumentParser(description="Test SSL certificate expiration for multiple domains") parser.add_argument("--dingtalk-webhook", required=True, help="DingTalk webhook URL") parser.add_argument("--secret", required=True, help="DingTalk robot secret") parser.add_argument("--domains", nargs='+', required=True, help="List of domains to test SSL certificate expiration") args = parser.parse_args() for domain in args.domains: expiration_date = get_ssl_cert_expiration(domain) current_date = datetime.now() days_remaining = (expiration_date - current_date).days print(f"SSL certificate for {domain} expires on {expiration_date}") print(f"Days remaining: {days_remaining} days") if days_remaining < 10: message = f"SSL certificate for {domain} will expire on {expiration_date}. Only {days_remaining} days remaining." send_dingtalk_message(args.dingtalk_webhook, args.secret, message)
终极版本
python执行脚本时指定配置文件
python3 ssl_spirtime.py --config-file config.json
config.json配置文件内容如下
{ "dingtalk-webhook": "https://oapi.dingtalk.com/robot/send?access_token=avbdcse345dd", "secret": "SECaegdDEdaDSEGFdadd12334", "domains": [ "www.a.tel", "www.b.com", "www.c.app", "www.d-cn.com", "www.e.com", "www.f.com", "www.g.com", "www.gg.com", "www.sd.com", "www.234.com", "www.456.com", "www.addf.com", "www.advdwd.com", "aqjs.aefdsdf.com", "apap.adedgdg.com", "cbap.asfew.com", "ksjsw.adfewfd.cn", "wdxl.aeffadaf.com", "wspr.afefd.shop", "sktprd.daeafsdf.shop", "webskt.afaefafa.shop", "www.afaead.cn", "www.afewfsegs.co", "www.aaeafsf.com", "bdvt.aeraf.info", "dl.afawef.co", "dl.aefarge.com" ] }
脚本内容如下
#!/usr/bin/python3 import ssl import socket from datetime import datetime import argparse import requests import hashlib import hmac import base64 import time import json def get_ssl_cert_expiration(domain, port=443): context = ssl.create_default_context() conn = context.wrap_socket(socket.socket(socket.AF_INET), server_hostname=domain) conn.connect((domain, port)) cert = conn.getpeercert() conn.close() # Extract the expiration date from the certificate not_after = cert['notAfter'] # Convert the date string to a datetime object expiration_date = datetime.strptime(not_after, '%b %d %H:%M:%S %Y %Z') return expiration_date def send_dingtalk_message(webhook_url, secret, message): headers = {'Content-Type': 'application/json'} # Get the current timestamp in milliseconds timestamp = str(int(round(time.time() * 1000))) # Combine timestamp and secret to create a sign string sign_string = f"{timestamp}\n{secret}" # Calculate the HMAC-SHA256 signature sign = base64.b64encode(hmac.new(secret.encode(), sign_string.encode(), hashlib.sha256).digest()).decode() # Create the payload with the calculated signature payload = { "msgtype": "text", "text": { "content": message }, "timestamp": timestamp, "sign": sign } response = requests.post(f"{webhook_url}×tamp={timestamp}&sign={sign}", json=payload, headers=headers) if response.status_code == 200: print("Message sent successfully to DingTalk") else: print(f"Failed to send message to DingTalk. HTTP Status Code: {response.status_code}") if __name__ == "__main__": # 从配置文件中加载配置 with open("config.json", 'r') as config_file: config = json.load(config_file) dingtalk_webhook = config.get("dingtalk-webhook") secret = config.get("secret") domains = config.get("domains") for domain in domains: expiration_date = get_ssl_cert_expiration(domain) current_date = datetime.now() days_remaining = (expiration_date - current_date).days print(f"SSL certificate for {domain} expires on {expiration_date}") print(f"Days remaining: {days_remaining} days") if days_remaining < 10: message = f"SSL certificate for {domain} will expire on {expiration_date}. Only {days_remaining} days remaining." send_dingtalk_message(dingtalk_webhook, secret, message)
执行结果
/usr/bin/python3 /root/ssl_spirtime.py --config-file /root/config.json
SSL certificate for www.a.tel expires on 2024-06-08 23:59:59
Days remaining: 220 days
SSL certificate for www.b.com expires on 2024-05-23 07:45:13
Days remaining: 203 days
SSL certificate for www.c.app expires on 2024-05-23 07:45:13
Days remaining: 203 days
SSL certificate for www.d-cn.com expires on 2024-03-03 00:00:00
Days remaining: 122 days
SSL certificate for www.aed.com expires on 2024-11-17 06:30:15
Days remaining: 381 days
SSL certificate for www.afedf.com expires on 2024-06-20 23:59:59
Days remaining: 232 days
SSL certificate for www.aefdfd.com expires on 2024-06-20 23:59:59
钉钉告警消息如下
到此这篇关于python脚本监听域名证书过期时间,并将通知消息到钉钉的文章就介绍到这了,更多相关python域名证书过期时间内容请搜索脚本之家以前的文章或继续浏览下面的相关文章希望大家以后多多支持脚本之家!
您可能感兴趣的文章:
- Nginx CertBot配置HTTPS泛域名证书Debian及常见问题
- shell脚本检查域名证书是否过期的流程分析
- iis提示尚未创建默认SSL站点,若要支持不带SNI 功能的浏览器,建议创建一个默认SSL站点
- IISCrypto(SSL/TLS一键配置工具) iis服务器如何开启tls v1.2协议
- 一个SSL证书在线转换工具以及IIS7环境下开通https的方法
- IIS站点绑定/切换SSL证书的实现
- IIS10服务器安装SSL证书的图文教程
- iis服务器如何安装ssl证书
- IIS服务器配置阿里云https(SSL)证书的方法
- Microsoft iis服务器安装ssl证书(https)的简单方法
- IIS绑定SSL证书的方法(图文详解)
- 制作能在nginx和IIS中使用的ssl证书
- 在win2008 r2 英文版 IIS7.5上配置Https,SSL的方法
- 有了SSL证书,如何在IIS环境下部署https
- startssl申请SSL证书 并且配置 iis 启用https协议
- win2000服务器在IIS中使用SSL配置HTTPS网站
- IIS7下配置SSL的方法分析
- World Wide Web Publishing 服务尝试删除 IIS 所有的 SSL 配置数据失败的几种方法
- windows server 2019 IIS10配置SSL或更新域名证书(https)