ssl_certs: shell fixes; shorten perfdata label

98567f3b · Hahn Axel (hahn) · 4ffc1e1c · 98567f3b
Commit 98567f3b authored 3 years ago by Hahn Axel (hahn)
--- a/check_ssl_certs
+++ b/check_ssl_certs
@@ -11,9 +11,10 @@
 #
 # ----------------------------------------------------------------------
 # 2021-10-06  v0.1  <axel.hahn@iml.unibe.ch>  initial version
+# 2022-03-16  v0.2  <axel.hahn@iml.unibe.ch>  shell fixes; shorten perfdata label
 # ======================================================================

-. `dirname $0`/inc_pluginfunctions
+. $(dirname $0)/inc_pluginfunctions

 typeset -i iWarn=14
 typeset -i iCrit=5
@@ -27,6 +28,9 @@ fullstatus=""

 filelist="/etc/ssl/certs/*.cert.cer"

+# remove dommain in label in performance data
+myDomain=".iml.unibe.ch"
+
 # ----------------------------------------------------------------------
 # functions
 # ----------------------------------------------------------------------
@@ -45,7 +49,7 @@ Check locally installed SSL client certificates and warn if the
 expiration date comes closer. 

 SYNTAX:
-`basename $0` [-w WARN_LIMIT] [-c CRITICAL_LIMIT] [-f "FILELIST"]
+$(basename $0) [-w WARN_LIMIT] [-c CRITICAL_LIMIT] [-f "FILELIST"]

 OPTIONS:

@@ -64,11 +68,11 @@ PARAMETERS:

 EXAMPLE:

-    `basename $0` -f "/etc/ssl/certs/*example.com.*.cer /somewhere/else/*.cer"
+    $(basename $0) -f "/etc/ssl/certs/*example.com.*.cer /somewhere/else/*.cer"
        Set 2 folders where to find the client certificates.
        They are seperated by space and both use * for globbing

-    `basename $0` -w 30 -c 3 
+    $(basename $0) -w 30 -c 3 
        Overide the warning and critical level.

 EOF
@@ -95,9 +99,9 @@ ph.require openssl


 # --- override from command line params
-filelist=`ph.getValueWithParam "$filelist" f "$@"`
-iWarn=`   ph.getValueWithParam $iWarn      w "$@"`
-iCrit=`   ph.getValueWithParam $iCrit      c "$@"`
+filelist=$(ph.getValueWithParam "$filelist" f "$@")
+iWarn=$(   ph.getValueWithParam $iWarn      w "$@")
+iCrit=$(   ph.getValueWithParam $iCrit      c "$@")


 # ----- check cert files
@@ -114,6 +118,8 @@ do
        iCounter=$iCounter+1
        data=$(openssl x509 -noout -text -in $mycert 2>/dev/null )
        mySubject=$( echo "$data" | grep "Subject:\ CN\ =\ " | grep -v "," | cut -f 2- -d "=" | cut -c 2- )
+        
+        mySubject2="${mySubject//${myDomain}}"
        if [ -z "$mySubject" ]; then
                bHasWarning=true
                fullstatus="${fullstatus}
@@ -142,7 +148,7 @@ do
            fi
            shortstatus="${shortstatus}${result} ${mySubject} [${iLeft}d] ; "
            fullstatus="${fullstatus}
----- [$iCounter of $iTotal] ${mySubject} - expires in $iLeft days
+----- [$iCounter of $iTotal] ${mySubject} - expires in $iLeft days $mySubject2
 $( echo "$data" | grep -E "(DNS:|Issuer:|Not\ |Subject:)" | sed 's#^\ *##g')
 File: $mycert
 "