Add warning if cert expires in < 30 days

vadim6 · Apr 22, 2015 · 89c0e6c · 89c0e6c
1 parent c09417e
commit 89c0e6c
Show file tree

Hide file tree

Showing 3 changed files with 16 additions and 1 deletion.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,9 @@
 # Changelog
 
+## 2.3
+
+- Add warning if certificate expires in < 30 days.
+
 ## 2.2
 
 - Add SSLv2 test

diff --git a/functions/parse_certificate.php b/functions/parse_certificate.php
@@ -724,6 +724,17 @@ function cert_parse_json($raw_cert_data, $raw_next_cert_data=null, $host=null, $
       $result['warning'][] = "Certificate expired! Expiration date: " . date(DATE_RFC2822,$cert_data['validTo_time_t']);
     }
   }
+  // almost expired
+  if (!empty($cert_data['validTo_time_t'])) {
+    $certExpiryDate = strtotime(date(DATE_RFC2822,$cert_data['validTo_time_t']));
+    $certExpiryDiff = $certExpiryDate - strtotime($today);
+    if ($certExpiryDiff < 2592000) {
+      $result['cert_expires_in_less_than_thirty_days'] = true;
+      $result['warning'][] = "Certificate expires in " . round($certExpiryDiff / 84600) . " days!. Expiration date: " . date(DATE_RFC2822,$certExpiryDate);
+    } else {
+      $result['cert_expires_in_less_than_thirty_days'] = false;
+    }
+  }
 
   if ( array_search(explode("Policy: ", explode("\n", $cert_data['extensions']['certificatePolicies'])[0])[1], $ev_oids) ) {
     $result["validation_type"] = "extended";

diff --git a/functions/variables.php b/functions/variables.php
@@ -17,7 +17,7 @@
 date_default_timezone_set('UTC');
 ini_set('default_socket_timeout', 2);
 
-$version = 2.2;
+$version = 2.3;
 
 $random_blurp = rand(1000,99999);