Python – Scan FQDNS, Get the Expiration, and Display Results



#This script will scan a text document "dr-dns.txt", get the SSL Certificate Expiration, and show the date.  There's a timeout set to 5 seconds.

import os
import ssl
import socket
import datetime

def get_ssl_expiry_date(hostname):
        context = ssl.create_default_context()
        with socket.create_connection((hostname, 443), timeout=5) as sock:
            with context.wrap_socket(sock, server_hostname=hostname) as sslsock:
                cert = sslsock.getpeercert()
                expiry_date = datetime.datetime.strptime(cert['notAfter'], "%b %d %H:%M:%S %Y %Z")
    except (ssl.SSLError, socket.error, socket.timeout, ConnectionRefusedError):
        return None

filename = os.path.join(os.path.dirname(__file__), "dr-dns.txt")

with open(filename, "r") as file:
    for line in file:
        fqdn = line.strip()
        expiry_date = get_ssl_expiry_date(fqdn)
        if expiry_date is not None:
            print(f"{fqdn} - SSL certificate expires on: {expiry_date}")
            print(f"{fqdn} - No SSL connection or unable to retrieve certificate")