Friday, October 12, 2012

Script to check Certificates validity in the Java Key Store


To check Certificates in the Java Key Store:

#!/bin/bash
# Nagios plugin to check the expiration dates
# of Java Cert keystores

# Set up some variables
# Todays date expressed in Epoch time "seconds since 1970-01-01 00:00:00 UTC"
TODAY=`date +"%s"`
critical=$2
warning=$1
c_flag=0
w_flag=0
OK=0
WARNING=1
CRITICAL=2
UNKNOWN=3
count1=0
count2=0
diffdays_c="in"
diffdays_w="in"

# keytool location and command line
# keytool normally lives here - /opt/java/x64/jdk1.6.0_18/bin/keytool
KEYTOOL="/opt/java/x64/jdk1.6.0_18/bin/keytool"

# Keystore varies depending on application. The below example is from prod
# It can normally be found here /opt/apps/<APPLICATION>/conf/TrustStore_PROD.ks
KEYSTORE="/opt/apps/cmc-clientverification02/conf/TrustStore_PROD.ks"

# Keystore password
KEYPASS="changeit"

# So first we go and get the cert experation dates from the keystore using the
# keytool
`$KEYTOOL -list -v -storepass $KEYPASS -keystore $KEYSTORE | grep Valid |  awk '{print $10,$11,$12,$13,$15}' > /tmp/cert.txt`

if [ -s /tmp/cert.txt ];then

lastrun=`echo $?`
if [ $lastrun  -eq 0  ]; then

while read line
do
 certepoch=`date --date="$line" "+%s"`
 diff=$(($certepoch - $TODAY))
  diff_days=$(($diff / 86400))
  if [ $diff_days -le $critical ];then
        #echo "CRITICAL:Certificate will expire in $diff_days days"
        c_flag=2
        count2=$((count2 + 1))
        diffdays_c="$diffdays_c $diff_days"
        #exit $CRITICAL
  fi
if [ $diff_days -ge $critical ] && [ $diff_days -le $warning ];then
        #echo "WARNING:Certificate will expire in $diff_days"
        w_flag=1
        count1=$((count1 + 1))
        diffdays_w="$diffdays_w $diff_days"
        #exit $WARNING
  fi

done < /tmp/cert.txt
else
        echo "UNKNOWN: check the command executing manually"
        exit $UNKNOWN

fi

if [ $c_flag -eq $CRITICAL ] && [ $w_flag -eq $WARNING ];then
        echo "CRITICAL:There are $count2 certificates getting expired $diffdays_c days"
        echo "and certificate in WARNING:There are $count1 certificates getting expired $diffdays_w days"
exit $CRITICAL
fi


if [ $c_flag -eq $CRITICAL ];then
        echo "CRITICAL:There are $count2 certificates getting expired $diffdays_c days"
        exit $CRITICAL
fi

if [ $w_flag -eq $WARNING ];then
        echo "WARNING:There are $count1 certificates getting expired $diffdays_w days"
        exit $WARNING
fi

if [ $c_flag -eq $OK ] && [ $w_flag -eq $OK ];then

        echo "OK:There are no certificates getting expired."
        exit $OK

fi

else

echo "Try running the Keytool command manually, ther might be a chance that there are no certificates"
exit $CRITICAL
fi

Posted by at 4 comments:

VBScript to find Fileage and send an e-mail

This summary is not available. Please click here to view the post.
Posted by at No comments:

Check_Churn script;This script will basically to see how much the log files are changing over a user defined period of time

Check_Churn script;This script will basically to see how much the log files are changing over a user defined period of time.
It's useful to check how if there are any delay in getting a logfile updated from the start of the file o the end of the file at some instance(depends on the schedule time of the script as well).

Syntax to follow: C:\>cscript /nologo "c:\Documents and Settings\bdhinakaran\Desktop\VbScript\chec
k_churn.vbs" -d "c:\\" -p "(iiCFDFXLIVE-SyslogHub-3.3.3-instance1\[(\d)\]).log"
-c 90



''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''

'On Error Resume Next

adir = Wscript.Arguments.Item(0)
dir = Cstr(Wscript.Arguments.Item(1))
aPatternMatch = Wscript.Arguments.Item(2)
PatternMatch = Cstr(Wscript.Arguments.Item(3))
acri = Wscript.Arguments.Item(4)
cri = CLng(Wscript.Arguments.Item(5))


If adir = "-d" and aPatternMatch = "-p" and acri = "-c" Then
 
 
   Const adVarChar = 200
   Const MaxCharacters = 255
   today = now()
   Set DataList = CreateObject("ADOR.Recordset")
   DataList.Fields.Append "FileName", adVarChar, MaxCharacters
   DataList.Fields.Append "FileDateCreated", adVarChar, MaxCharacters
   DataList.Open
   Set fso = CreateObject("Scripting.FileSystemObject")
   Set hash = CreateObject ("Scripting.Dictionary")
   If fso.FolderExists(dir) Then
    Set f = fso.GetFolder(dir)
    Set fc = f.Files
     
    For Each file in fc
      's = s & file.name & " " & "DateCreated "& file.DateCreated
 'hash.add file.name, file.DateCreated
      's = s &   VbNewLine
 'count = count + 1

 Set myRegExp = New RegExp
      myRegExp.IgnoreCase = True
      myRegExp.Global = True
      myRegExp.Pattern = patternMatch
      'Wscript.Echo "Pattern Match:" & patternMatch
      Set myMatches = myRegExp.Execute(file.Name)
      If myMatches.count > 0 Then
    DataList.AddNew
    DataList("FileName") = Cstr(file.name)
    DataList("FileDateCreated") = file.DateCreated
    DataList.Update
count = count + 1
'Wscript.Echo "Matched Pattern:" & patternMatch
 End If

    Next
      'Wscript.Echo "No Pattern Match Found in the specified Directory:" &dir
  'Wscript.Echo "Total Files:"&count
   Else
Wscript.Echo "Folder doesn't exists. Please check the path"
Wscript.Quit(2)
   End If

If count > 1 Then
DataList.Sort = "FileName asc" 'sort the disconnected recordset to asc by default it sorts to ascending if needed can sort to desc
DataList.MoveFirst
diff1 = DateDiff("s",DataList.Fields.Item("FileDateCreated"),today)
DataList.MoveLast
diff2 = DateDiff("s",DataList.Fields.Item("FileDateCreated"),today)
rdiff = diff1 - diff2
'Wscript.Echo "Real diff in Second for the FirstFile and LastFile:" & rdiff &"sec"

'Displays the overall fields
'DataList.MoveFirst
'Do Until DataList.EOF
' Wscript.Echo DataList.Fields.Item("FileName") & vbTab & DataList.Fields.Item("FileDateCreated")
' DataList.MoveNext
'Loop

If cri > rdiff Then
Wscript.Echo "Creation Time of the First Log file and Last LogFile is less than the user-defined time:" & rdiff &"sec" &"in the directory: " &dir
Wscript.quit(0)

Else
Wscript.Echo "Is more than the user-defined time: " & rdiff &" sec " & " in the directory: " &dir
Wscript.Quit(2)
End If

'keys = hash.Keys
'items = hash.Items
'for i = 0 to hash.Count - 1
'wscript.echo Keys(i) & " = " & hash.item(Keys(i))
'next

'diff1 = DateDiff("s",hash.item(Keys(0)),today)
'diff2 = DateDiff("s",hash.item(Keys(hash.Count - 1)),today)

'Wscript.Echo "The First File Difference with the today's date:" & diff1
'Wscript.Echo "The Last File Difference with the today's date:" & diff2
'rdiff = diff1 - diff2
'Wscript.Echo s
'Wscript.Echo "Real diff in Second for the FirstFile and LastFile:" & rdiff &"sec"
'Wscript.Echo "Total Files:" & hash.Count
     Else
'DataList.MoveFirst
'Do Until DataList.EOF
'Wscript.Echo DataList.Fields.Item("FileName") & vbTab & DataList.Fields.Item("FileDateCreated")
'DataList.MoveNext
'Loop
Wscript.Echo "We have single record or file in the specified Directory or no files of the patten match specified: " & dir
Wscript.Quit(2)
End If
  Else
   Wscript.Echo "Please follow the pattern: check_churn.vbs -d <directory> -p <pattern> -c <error_sec> "
   Wscript.echo "This script will basically to see how much the log files are changing over a user defined period of time"
   Wscript.Quit(2)
End If

Posted by at No comments:
Subscribe to: Posts (Atom)