wok-6.x view cacerts/stuff/remove-expired-certs.sh @ rev 16681
Create some /var/run/<dir> in /etc/init.d/<daemon> scritps
author | Pascal Bellard <pascal.bellard@slitaz.org> |
---|---|
date | Sun May 18 20:24:07 2014 +0000 (2014-05-18) |
parents | |
children | f29d4912ea56 |
line source
1 #!/bin/sh
2 # Begin /bin/remove-expired-certs.sh
3 #
4 # Version 20120211
6 # Make sure the date is parsed correctly on all systems
7 mydate()
8 {
9 local y=$( echo $1 | cut -d" " -f4 )
10 local M=$( echo $1 | cut -d" " -f1 )
11 local d=$( echo $1 | cut -d" " -f2 )
12 local m
14 if [ ${d} -lt 10 ]; then d="0${d}"; fi
16 case $M in
17 Jan) m="01";;
18 Feb) m="02";;
19 Mar) m="03";;
20 Apr) m="04";;
21 May) m="05";;
22 Jun) m="06";;
23 Jul) m="07";;
24 Aug) m="08";;
25 Sep) m="09";;
26 Oct) m="10";;
27 Nov) m="11";;
28 Dec) m="12";;
29 esac
31 certdate="${y}${m}${d}"
32 }
34 OPENSSL=/usr/bin/openssl
35 DIR=$DESTDIR/etc/ssl/certs
37 if [ $# -gt 0 ]; then
38 DIR="$1"
39 fi
41 certs=$( find ${DIR} -type f -name "*.pem" -o -name "*.crt" )
42 today=$( date +%Y%m%d )
44 for cert in $certs; do
45 notafter=$( $OPENSSL x509 -enddate -in "${cert}" -noout )
46 date=$( echo ${notafter} | sed 's/^notAfter=//' )
47 mydate "$date"
49 if [ ${certdate} -lt ${today} ]; then
50 echo "${cert} expired on ${certdate}! Removing..."
51 rm -f "${cert}"
52 fi
53 done