-
Erick Hitter authoredErick Hitter authored
Code owners
Assign users and groups as approvers for specific file changes. Learn more.
report-expiry.php 1.48 KiB
<?php
/**
* Report certificate details.
*
* @package PHP_Cert_Reporter
*/
namespace PHP_Cert_Reporter;
/**
* Load table renderer.
*/
require_once __DIR__ . '/vendor/autoload.php';
/**
* Display certificate details in a table.
*
* Suitable for use in CI.
*
* @param bool $exit Exit with status code indicating if expired certificates were found.
*/
function report( $exit = true ): void {
$data = [
[
'Filename',
'CN',
'Expires',
'Days Left',
],
];
$dir_includes_expired = false;
printf( 'RESULTS FOR `%1$s`%2$s', getcwd(), "\n" );
foreach ( glob( '*.crt', GLOB_NOSORT ) as $cert ) {
$path = getcwd() . '/' . $cert;
$x509 = openssl_x509_parse( file_get_contents( $path ) );
if ( ! is_array( $x509 ) ) {
printf( 'Failed to parse certificate from `%1$s`%2$s', $path, "\n\n" );
continue;
}
$cert_data = [
0 => $cert,
1 => $x509['subject']['CN'],
2 => date( 'Y-m-d H:i:s T', $x509['validTo_time_t'] ),
3 => (int) round( ( $x509['validTo_time_t'] - time() ) / 86400 ),
];
// Alert if any expire within the next 30 days.
if ( ! $dir_includes_expired && $cert_data[3] - 30 <= 0 ) {
$dir_includes_expired = true;
}
$data[] = $cert_data;
}
$table = new \cli\Table( array_shift( $data ), $data );
$table->setRenderer( new \cli\table\Ascii() );
$table->sort( 2 );
$table->display();
if ( $dir_includes_expired ) {
echo "EXPIRING CERTIFICATES FOUND!\n";
}
if ( $exit ) {
exit( $dir_includes_expired ? 1 : 0 ); }
}
report();