# HG changeset patch
# User Tomas Zeman <tzeman@volny.cz>
# Date 1534423182 -7200
# Node ID b685225d49664e30c5e7919ae792835c03b1ef6f
# Parent  338ee0353bf19de975701c40c8550ed0d7f3424d
conf/openssl.conf: Certificate expiration via network connect

diff -r 338ee0353bf1 -r b685225d4966 conf/openssl.conf
--- a/conf/openssl.conf	Fri Dec 29 09:01:23 2017 +0100
+++ b/conf/openssl.conf	Thu Aug 16 14:39:42 2018 +0200
@@ -3,4 +3,8 @@
 # Number of seconds till certificate expires
 # Parameters: $1 - path to cert file
 UserParameter=cert.x509.expire[*],openssl x509 -in $1 -enddate|grep notAfter|awk -F= '{print $$2}'|while read l; do t=`date -d"$l" +%s`; n=`date +%s`; echo `expr $t - $n`; done
+# Parameters: $1 - host, $2 - port
+UserParameter=cert.net.expire[*],echo | openssl s_client -connect $1:$2 2>/dev/null| openssl x509 -noout -enddate | grep notAfter|awk -F= '{print $$2}'|while read l; do t=`date -d"$l" +%s`; n=`date +%s`; echo `expr $t - $n`; done
+# Parameters: $1 - host, $2 - port, $3 - protocol
+UserParameter=cert.starttls.expire[*],echo | openssl s_client -connect $1:$2 -starttls $3 2>/dev/null| openssl x509 -noout -enddate | grep notAfter|awk -F= '{print $$2}'|while read l; do t=`date -d"$l" +%s`; n=`date +%s`; echo `expr $t - $n`; done