# Author: Kerry Cordero
# Version: 1.0.0
# Description: This script will scan a text document "dr-dns.txt", get the SSL Certificate Expiration, and show the date. There's a timeout set to 5 seconds.
import os
import ssl
import socket
import datetime
def get_ssl_expiry_date(hostname):
try:
context = ssl.create_default_context()
with socket.create_connection((hostname, 443), timeout=5) as sock:
with context.wrap_socket(sock, server_hostname=hostname) as sslsock:
cert = sslsock.getpeercert()
expiry_date = datetime.datetime.strptime(cert['notAfter'], "%b %d %H:%M:%S %Y %Z")
return expiry_date.date()
except (ssl.SSLError, socket.error, socket.timeout, ConnectionRefusedError):
return None
filename = os.path.join(os.path.dirname(__file__), "dr-dns.txt")
with open(filename, "r") as file:
for line in file:
fqdn = line.strip()
expiry_date = get_ssl_expiry_date(fqdn)
if expiry_date is not None:
print(f"{fqdn} - SSL certificate expires on: {expiry_date}")
else:
print(f"{fqdn} - No SSL connection or unable to retrieve certificate")
