python

关注公众号 jb51net

关闭
首页 > 脚本专栏 > python > python域名证书过期时间

python脚本监听域名证书过期时间并通知消息到钉钉(最新推荐)

作者:yunson_Liu

这篇文章主要介绍了python脚本监听域名证书过期时间并通知消息到钉钉(最新推荐),本文给大家介绍的非常详细,对大家的学习或工作具有一定的参考借鉴价值,需要的朋友可以参考下

版本一:

执行脚本带上 --dingtalk-webhook和–domains后指定钉钉token和域名

python3 ssl_spirtime.py --dingtalk-webhook https://oapi.dingtalk.com/robot/send?access_token=avd345324 --domains www.abc1.com www.abc2.com www.abc3.com

脚本如下

#!/usr/bin/python3
import ssl
import socket
from datetime import datetime
import argparse
import requests
def get_ssl_cert_expiration(domain, port=443):
    context = ssl.create_default_context()
    conn = context.wrap_socket(socket.socket(socket.AF_INET), server_hostname=domain)
    conn.connect((domain, port))
    cert = conn.getpeercert()
    conn.close()
    # Extract the expiration date from the certificate
    not_after = cert['notAfter']
    # Convert the date string to a datetime object
    expiration_date = datetime.strptime(not_after, '%b %d %H:%M:%S %Y %Z')
    return expiration_date
def send_dingtalk_message(webhook_url, message):
    headers = {'Content-Type': 'application/json'}
    payload = {
        "msgtype": "text",
        "text": {
            "content": message
        }
    }
    response = requests.post(webhook_url, json=payload, headers=headers)
    if response.status_code == 200:
        print("Message sent successfully to DingTalk")
    else:
        print(f"Failed to send message to DingTalk. HTTP Status Code: {response.status_code}")
if __name__ == "__main__":
    parser = argparse.ArgumentParser(description="Test SSL certificate expiration for multiple domains")
    parser.add_argument("--dingtalk-webhook", required=True, help="DingTalk webhook URL")
    parser.add_argument("--domains", nargs='+', required=True, help="List of domains to test SSL certificate expiration")
    args = parser.parse_args()
    for domain in args.domains:
        expiration_date = get_ssl_cert_expiration(domain)
        current_date = datetime.now()
        days_remaining = (expiration_date - current_date).days
        print(f"SSL certificate for {domain} expires on {expiration_date}")
        print(f"Days remaining: {days_remaining} days")
        if days_remaining < 300:
            message = f"SSL certificate for {domain} will expire on {expiration_date}. Only {days_remaining} days remaining."
            send_dingtalk_message(args.dingtalk_webhook, message)

版本二

执行脚本带上 --dingtalk-webhook、–secret和–domains后指定钉钉token、密钥和域名

python3 ssl_spirtime4.py --dingtalk-webhook https://oapi.dingtalk.com/robot/send?access_token=abdcsardaef--secret SEC75bcc2abdfd --domains www.abc1.com www.abc2.com www.abc3.com
#!/usr/bin/python3
import ssl
import socket
from datetime import datetime
import argparse
import requests
import hashlib
import hmac
import base64
import time
def get_ssl_cert_expiration(domain, port=443):
    context = ssl.create_default_context()
    conn = context.wrap_socket(socket.socket(socket.AF_INET), server_hostname=domain)
    conn.connect((domain, port))
    cert = conn.getpeercert()
    conn.close()
    # Extract the expiration date from the certificate
    not_after = cert['notAfter']
    # Convert the date string to a datetime object
    expiration_date = datetime.strptime(not_after, '%b %d %H:%M:%S %Y %Z')
    return expiration_date
def send_dingtalk_message(webhook_url, secret, message):
    headers = {'Content-Type': 'application/json'}
    # Get the current timestamp in milliseconds
    timestamp = str(int(round(time.time() * 1000)))
    # Combine timestamp and secret to create a sign string
    sign_string = f"{timestamp}\n{secret}"
    # Calculate the HMAC-SHA256 signature
    sign = base64.b64encode(hmac.new(secret.encode(), sign_string.encode(), hashlib.sha256).digest()).decode()
    # Create the payload with the calculated signature
    payload = {
        "msgtype": "text",
        "text": {
            "content": message
        },
        "timestamp": timestamp,
        "sign": sign
    }
    response = requests.post(f"{webhook_url}&timestamp={timestamp}&sign={sign}", json=payload, headers=headers)
    if response.status_code == 200:
        print("Message sent successfully to DingTalk")
    else:
        print(f"Failed to send message to DingTalk. HTTP Status Code: {response.status_code}")
if __name__ == "__main__":
    parser = argparse.ArgumentParser(description="Test SSL certificate expiration for multiple domains")
    parser.add_argument("--dingtalk-webhook", required=True, help="DingTalk webhook URL")
    parser.add_argument("--secret", required=True, help="DingTalk robot secret")
    parser.add_argument("--domains", nargs='+', required=True, help="List of domains to test SSL certificate expiration")
    args = parser.parse_args()
    for domain in args.domains:
        expiration_date = get_ssl_cert_expiration(domain)
        current_date = datetime.now()
        days_remaining = (expiration_date - current_date).days
        print(f"SSL certificate for {domain} expires on {expiration_date}")
        print(f"Days remaining: {days_remaining} days")
        if days_remaining < 10:
            message = f"SSL certificate for {domain} will expire on {expiration_date}. Only {days_remaining} days remaining."
            send_dingtalk_message(args.dingtalk_webhook, args.secret, message)

终极版本

python执行脚本时指定配置文件

python3 ssl_spirtime.py --config-file config.json

config.json配置文件内容如下

{
    "dingtalk-webhook": "https://oapi.dingtalk.com/robot/send?access_token=avbdcse345dd",
    "secret": "SECaegdDEdaDSEGFdadd12334",
    "domains": [
        "www.a.tel",
        "www.b.com",
        "www.c.app",
        "www.d-cn.com",
        "www.e.com",
        "www.f.com",
        "www.g.com",
        "www.gg.com",
        "www.sd.com",
        "www.234.com",
        "www.456.com",
        "www.addf.com",
        "www.advdwd.com",
        "aqjs.aefdsdf.com",
        "apap.adedgdg.com",
        "cbap.asfew.com",
        "ksjsw.adfewfd.cn",
        "wdxl.aeffadaf.com",
        "wspr.afefd.shop",
        "sktprd.daeafsdf.shop",
        "webskt.afaefafa.shop",
        "www.afaead.cn",
        "www.afewfsegs.co",
        "www.aaeafsf.com",
        "bdvt.aeraf.info",
        "dl.afawef.co",
        "dl.aefarge.com"
    ]
}

脚本内容如下

#!/usr/bin/python3
import ssl
import socket
from datetime import datetime
import argparse
import requests
import hashlib
import hmac
import base64
import time
import json
def get_ssl_cert_expiration(domain, port=443):
    context = ssl.create_default_context()
    conn = context.wrap_socket(socket.socket(socket.AF_INET), server_hostname=domain)
    conn.connect((domain, port))
    cert = conn.getpeercert()
    conn.close()
    # Extract the expiration date from the certificate
    not_after = cert['notAfter']
    # Convert the date string to a datetime object
    expiration_date = datetime.strptime(not_after, '%b %d %H:%M:%S %Y %Z')
    return expiration_date
def send_dingtalk_message(webhook_url, secret, message):
    headers = {'Content-Type': 'application/json'}
    # Get the current timestamp in milliseconds
    timestamp = str(int(round(time.time() * 1000)))
    # Combine timestamp and secret to create a sign string
    sign_string = f"{timestamp}\n{secret}"
    # Calculate the HMAC-SHA256 signature
    sign = base64.b64encode(hmac.new(secret.encode(), sign_string.encode(), hashlib.sha256).digest()).decode()
    # Create the payload with the calculated signature
    payload = {
        "msgtype": "text",
        "text": {
            "content": message
        },
        "timestamp": timestamp,
        "sign": sign
    }
    response = requests.post(f"{webhook_url}&timestamp={timestamp}&sign={sign}", json=payload, headers=headers)
    if response.status_code == 200:
        print("Message sent successfully to DingTalk")
    else:
        print(f"Failed to send message to DingTalk. HTTP Status Code: {response.status_code}")
if __name__ == "__main__":
    # 从配置文件中加载配置
    with open("config.json", 'r') as config_file:
        config = json.load(config_file)
    dingtalk_webhook = config.get("dingtalk-webhook")
    secret = config.get("secret")
    domains = config.get("domains")
    for domain in domains:
        expiration_date = get_ssl_cert_expiration(domain)
        current_date = datetime.now()
        days_remaining = (expiration_date - current_date).days
        print(f"SSL certificate for {domain} expires on {expiration_date}")
        print(f"Days remaining: {days_remaining} days")
        if days_remaining < 10:
            message = f"SSL certificate for {domain} will expire on {expiration_date}. Only {days_remaining} days remaining."
            send_dingtalk_message(dingtalk_webhook, secret, message)

执行结果

/usr/bin/python3 /root/ssl_spirtime.py --config-file /root/config.json
SSL certificate for www.a.tel expires on 2024-06-08 23:59:59
Days remaining: 220 days
SSL certificate for www.b.com expires on 2024-05-23 07:45:13
Days remaining: 203 days
SSL certificate for www.c.app expires on 2024-05-23 07:45:13
Days remaining: 203 days
SSL certificate for www.d-cn.com expires on 2024-03-03 00:00:00
Days remaining: 122 days
SSL certificate for www.aed.com expires on 2024-11-17 06:30:15
Days remaining: 381 days
SSL certificate for www.afedf.com expires on 2024-06-20 23:59:59
Days remaining: 232 days
SSL certificate for www.aefdfd.com expires on 2024-06-20 23:59:59

钉钉告警消息如下

到此这篇关于python脚本监听域名证书过期时间,并将通知消息到钉钉的文章就介绍到这了,更多相关python域名证书过期时间内容请搜索脚本之家以前的文章或继续浏览下面的相关文章希望大家以后多多支持脚本之家!

您可能感兴趣的文章:
阅读全文