Hi there,
Long time!
Does anybody know of a way to script / otherwise checking for:
Domain Expiry?
Certificate expiry on websites?
Thanks again KS-Soft for a FAB product!
z
Possible to check expiry dates, somehow ? (domain & Cert
-
zacherynuk
- Posts: 26
- Joined: Thu Jul 20, 2006 10:24 am
-
KS-Soft Europe
- Posts: 2832
- Joined: Tue May 16, 2006 4:41 am
- Contact:
Re: Possible to check expiry dates, somehow ? (domain &
I suppose, you need something like "whois check" test method, right? Mmm. Actually, there is no "cooked"solution for now. Probably, we can create some whoischeck utility for this purpose. For now, I would suggest you to write some scriopt, that executes third party whois utility (like this: http://technet.microsoft.com/en-us/sysi ... 97435.aspx) and parse expiration date.zacherynuk wrote:Domain Expiry?
I think, you may use script, based on "CAPICOM.Store" object. For instance, you may use the following script with "Active Script" test method:zacherynuk wrote:Certificate expiry on websites?
Code: Select all
Option Explicit
const statusAlive = "Host is alive:"
const statusDead = "No answer:"
const statusUnknown = "Unknown:"
const statusNotResolved = "Unknown host:"
const statusOk = "Ok:"
const statusBad = "Bad:"
const statusBadContents = "Bad contents:"
dim Store, Certificates, Certificate, DaysToExpire
Const CAPICOM_LOCAL_MACHINE_STORE = 1
Const CAPICOM_CERTIFICATE_FIND_SUBJECT_NAME = 1
Const CAPICOM_STORE_OPEN_READ_ONLY = 0
const SubjectName = "www.ks-server.net"
FUNCTION performtest()
Set Store = CreateObject("CAPICOM.Store")
Store.Open CAPICOM_LOCAL_MACHINE_STORE, "MY" ,CAPICOM_STORE_OPEN_READ_ONLY
Set Certificates = Store.Certificates.Find(CAPICOM_CERTIFICATE_FIND_SUBJECT_NAME, SubjectName, 0)
If Certificates.Count >0 Then
For Each Certificate in Certificates
DaysToExpire = DateDiff("d",now(),Certificate.ValidToDate)
IF DaysToExpire > 0 THEN
performtest = statusOk & DaysToExpire
ELSE
performtest = statusBad & DaysToExpire
END IF
Next
Else
performtest = statusUnknown & "No certs found"
End If
End FunctionBelow is placed debug script, that can be executed in command line for testing purposes:
Code: Select all
Option Explicit
const statusAlive = "Host is alive:"
const statusDead = "No answer:"
const statusUnknown = "Unknown:"
const statusNotResolved = "Unknown host:"
const statusOk = "Ok:"
const statusBad = "Bad:"
const statusBadContents = "Bad contents:"
dim objWMIService, colOperatingSystems, dtmBootup, dtmLastBootupTime, dtmSystemUptime, objOS
dim Store, Certificates, Certificate, DaysToExpire
Const CAPICOM_LOCAL_MACHINE_STORE = 1
Const CAPICOM_CERTIFICATE_FIND_SUBJECT_NAME = 1
Const CAPICOM_STORE_OPEN_READ_ONLY = 0
const strComputer = "."
const SubjectName = "www.ks-server.net"
performtest
FUNCTION performtest()
Set Store = CreateObject("CAPICOM.Store")
Store.Open CAPICOM_LOCAL_MACHINE_STORE, "MY" ,CAPICOM_STORE_OPEN_READ_ONLY
Set Certificates = Store.Certificates.Find(CAPICOM_CERTIFICATE_FIND_SUBJECT_NAME, SubjectName, 0)
If Certificates.Count >0 Then
For Each Certificate in Certificates
WScript.Echo "*** Subject " & Certificate.SubjectName & " ***"
WScript.Echo "Issued by " & Certificate.IssuerName
WScript.Echo "Valid from " & Certificate.ValidFromDate & " to " & Certificate.ValidToDate
DaysToExpire = DateDiff("d",now(),Certificate.ValidToDate)
IF DaysToExpire > 0 THEN
performtest = statusOk & DaysToExpire
ELSE
performtest = statusBad & DaysToExpire
END IF
WScript.Echo "Days to expiry " & DateDiff("d",now(),Certificate.ValidToDate)
WScript.Echo
Next
Else
performtest = statusUnknown & "No certs found"
WScript.Echo "No certificates with SubjectName => '" & SubjectName & "'"
End If
End FunctionThak you! You are welcome!zacherynuk wrote:Thanks again KS-Soft for a FAB product!
Regards,
Max
-
zacherynuk
- Posts: 26
- Joined: Thu Jul 20, 2006 10:24 am
Certificates
Hi,
Thanks for the swift response!
The WhoIs should be easy enough - Thanks!
The Capicom Scripts, as I understand it are only for looking into the local computer store, aren't they ? As opposed to remote sites' certificates..
I can't get the debug script to return any useful info...
Could you show me a working script, looking at, for example; https://www.ssl.com/
Thanks!
z
Thanks for the swift response!
The WhoIs should be easy enough - Thanks!
The Capicom Scripts, as I understand it are only for looking into the local computer store, aren't they ? As opposed to remote sites' certificates..
I can't get the debug script to return any useful info...
Could you show me a working script, looking at, for example; https://www.ssl.com/
Thanks!
z
-
KS-Soft Europe
- Posts: 2832
- Joined: Tue May 16, 2006 4:41 am
- Contact:
Re: Certificates
Correct. It works with local storage.zacherynuk wrote:The Capicom Scripts, as I understand it are only for looking into the local computer store, aren't they ? As opposed to remote sites' certificates..
You may change one line from:zacherynuk wrote:I can't get the debug script to return any useful info...
Set Certificates = Store.Certificates.Find(CAPICOM_CERTIFICATE_FIND_SUBJECT_NAME, SubjectName, 0)
to:
Code: Select all
Set Certificates = Store.CertificatesTo run script from command line prompt you may use following syntax: cscript some_script.vbs
Ok, Now I understand what you are talking about. I thought, you have IIS that runs several HTTPS sites and you want to be sure the SSL certificates for these sites are not expired.zacherynuk wrote:Could you show me a working script, looking at, for example; https://www.ssl.com/
Yeah, foregoing script is useless in this case.
Sorry, I do not have solution for now, will look for solution. Anyway, think, you may browse "Google" in order to find appropriate solution.
Regards,
Max
-
zacherynuk
- Posts: 26
- Joined: Thu Jul 20, 2006 10:24 am
Solution
OK,
Found a great little bash script which does it all - had a bash (haha) at converting it into windows, but failed, so just using Cygwin instead.
Anyways, the solution is to use OpenSSL to query the remote servers using the script from this gentleman: http://prefetch.net/articles/checkcertificate.html
If anybody is interested I can put together a proper how-to - though am tweaking the HostMon Side of things this evening.
Cheers
z
Found a great little bash script which does it all - had a bash (haha) at converting it into windows, but failed, so just using Cygwin instead.
Anyways, the solution is to use OpenSSL to query the remote servers using the script from this gentleman: http://prefetch.net/articles/checkcertificate.html
If anybody is interested I can put together a proper how-to - though am tweaking the HostMon Side of things this evening.
Cheers
z
We have implemented utility for Shell Script test method as well
http://www.ks-soft.net/cgi-bin/phpBB/vi ... php?t=5182
Regards
Alex
http://www.ks-soft.net/cgi-bin/phpBB/vi ... php?t=5182
Regards
Alex
-
zacherynuk
- Posts: 26
- Joined: Thu Jul 20, 2006 10:24 am
Great job
That's awesome, once again testament to your commitment and knowledge of your product. A far better and easier to deploy implementation than my solution! (Show off!)
Thanks!
z
Thanks!
z
