48 log("warn", "Could not find a certificate to check"); |
48 log("warn", "Could not find a certificate to check"); |
49 return; |
49 return; |
50 end |
50 end |
51 |
51 |
52 local certfile = ssl_config.certificate; |
52 local certfile = ssl_config.certificate; |
53 local fh = io.open(certfile); -- Load the file. |
53 local fh, ferr = io.open(certfile); -- Load the file. |
54 cert = fh and fh:read"*a"; |
54 if not fh then |
55 fh = fh and fh:close(); |
55 log("warn", "Could not open certificate %s", ferr); |
56 local cert = cert and load_cert(cert); -- And parse |
56 return; |
|
57 end |
|
58 local cert, lerr = load_cert(fh:read("*a")); -- And parse |
|
59 fh:close(); |
|
60 if not cert then |
|
61 log("warn", "Could not parse certificate %s: %s", certfile, lerr or ""); |
|
62 return; |
|
63 end |
57 |
64 |
58 if not cert then |
|
59 module:log("warn", "No certificate configured for this host, please fix this and reload this module to check expiry"); |
|
60 return |
|
61 end |
|
62 local expires_at = parse_x509_datetime(cert:notafter()); |
65 local expires_at = parse_x509_datetime(cert:notafter()); |
63 local expires_in = os.difftime(expires_at, now); |
66 local expires_in = os.difftime(expires_at, now); |
64 local fmt = "Certificate %s expires in %s" |
67 local fmt = "Certificate %s expires in %s" |
65 local nag_admin = expires_in < nag_time; |
68 local nag_admin = expires_in < nag_time; |
66 local log_warn = expires_in < nag_time * 2; |
69 local log_warn = expires_in < nag_time * 2; |