Edit file File name : check_a2_le_certs.sh.saltmaster1 Content :#!/bin/bash le_cert_dirs=(le_certs le_certs_dev le_certs_ernie supercp_le_certs) le_epoch_time=$(date +%s) le_hours_min=600 # 600 hours = 25 days exit_code=0 for cert_dir in "${le_cert_dirs[@]}"; do le_certs=$(ls -1 /var/cache/"${cert_dir}" | grep pem | grep -v privkey) for cert in ${le_certs}; do cert_path="/var/cache/${cert_dir}/${cert}" if [ -e "$cert_path" ]; then le_expiry_epoch=$(date -d "$(openssl x509 -enddate -noout -in "$cert_path" | cut -d= -f2)" +%s) le_life=$(( le_expiry_epoch - le_epoch_time )) le_life_hours=$(( le_life / 3600 )) if [ "$le_life_hours" -lt "$le_hours_min" ]; then echo "CRITICAL - ${cert_path} expires in ${le_life_hours} hours | lifetime=${le_life_hours}h;${le_hours_min};0;0" exit_code=2 else echo "OK - ${cert_path} expires in ${le_life_hours} hours | lifetime=${le_life_hours}h;${le_hours_min};0;0" fi else echo "UNKNOWN - Certificate ${cert_path} not found" exit_code=3 fi done done exit $exit_code Save