Script to check expiration of PKI certs

Oh gawd, if you are doing any of this work, you have our TOTAL sympathy!
Post Reply
micklang
Posts: 10
Joined: Wed May 17, 2017 11:27 pm
Location: London, UK
Contact:

Script to check expiration of PKI certs

Post by micklang » Thu Jun 01, 2017 11:11 am

Drop this script into /opt/j**x/site-scripts and make executable. This handy script will check the expiration date of a user's pki cert.

Code: Select all

#!/usr/bin/env python

# This script checks the expiration date of a user's pki cert.
# It's best to run this in the staging directory of where you first import user certs
# and make sure to run it at the level of the cert file.
#
#  Mick & Doris 2016

# Bring in needed modules
import os, re
import glob
import subprocess

certdir = "/home/langm/certbuilder/"
tempcert = "/home/langm/certbuilder/tempcrt.pem"

print ("Enter the PUID of the first user please:")
puid = raw_input()

pkicert = certdir + puid + '.p12'
tempcrt_file = open(tempcrt, 'wb')
p12data = subprocess.Popen(["/usr/bin/openssl", "pkcs12", "-in", pkicert], stdout=subprocess.PIPE)
output = p12data.communicate()[0]
tempcrt_file.write(output)
tempcrt_file.close()
print ("Here is the expiration date of the certificate:\n)
subprocess.call(["/usr/bin/openssl", "x509", "-in", tempcrt, "-noout", "-enddate"])
os.remove(tempcrt)

Post Reply

Who is online

Users browsing this forum: No registered users and 1 guest