[phpBB Debug] PHP Warning: in file [ROOT]/phpbb/session.php on line 580: sizeof(): Parameter must be an array or an object that implements Countable
[phpBB Debug] PHP Warning: in file [ROOT]/phpbb/session.php on line 636: sizeof(): Parameter must be an array or an object that implements Countable
[phpBB Debug] PHP Warning: in file [ROOT]/includes/functions.php on line 4511: Cannot modify header information - headers already sent by (output started at [ROOT]/includes/functions.php:3257)
[phpBB Debug] PHP Warning: in file [ROOT]/includes/functions.php on line 4511: Cannot modify header information - headers already sent by (output started at [ROOT]/includes/functions.php:3257)
[phpBB Debug] PHP Warning: in file [ROOT]/includes/functions.php on line 4511: Cannot modify header information - headers already sent by (output started at [ROOT]/includes/functions.php:3257)
SELinux Super Administrator Forum • Script to check expiration of PKI certs
Page 1 of 1

Script to check expiration of PKI certs

Posted: Thu Jun 01, 2017 11:11 am
by micklang
Drop this script into /opt/j**x/site-scripts and make executable. This handy script will check the expiration date of a user's pki cert.

Code: Select all

#!/usr/bin/env python

# This script checks the expiration date of a user's pki cert.
# It's best to run this in the staging directory of where you first import user certs
# and make sure to run it at the level of the cert file.
#
#  Mick & Doris 2016

# Bring in needed modules
import os, re
import glob
import subprocess

certdir = "/home/langm/certbuilder/"
tempcert = "/home/langm/certbuilder/tempcrt.pem"

print ("Enter the PUID of the first user please:")
puid = raw_input()

pkicert = certdir + puid + '.p12'
tempcrt_file = open(tempcrt, 'wb')
p12data = subprocess.Popen(["/usr/bin/openssl", "pkcs12", "-in", pkicert], stdout=subprocess.PIPE)
output = p12data.communicate()[0]
tempcrt_file.write(output)
tempcrt_file.close()
print ("Here is the expiration date of the certificate:\n)
subprocess.call(["/usr/bin/openssl", "x509", "-in", tempcrt, "-noout", "-enddate"])
os.remove(tempcrt)