Codebox Software

HTTPS Certificate Expiry Checker


This is a Python script for checking the expiry dates of website TLS/SSL certificates, used for creating secure HTTPS connections. The script requires Python 3 and has no other dependencies.

To use the script simply run it from the command line, along with a list of the domain names you wish to check. For example:

> python

Checking 5 endpoints...     OK    expires in 48 days OK    expires in 48 days OK    expires in 48 days   WARN  expires in 6 days 21 hours 13 minutes     ERROR [Errno 8] nodename nor servname provided, or not known

The script will list the status of each domain's certificate, displaying OK if the certificate was retrieved and is not expiring soon, WARN if the certificate's expiry date is getting close, or ERROR if the certificate has already expired, or if there is some other problem such as the host could not be found, or no certificate could be retrieved.

By default WARN will be displayed if there are less than 7 days until a certificate expires, but this interval can be changed by altering the value of the WARN_IF_DAYS_LESS_THAN variable.

If any of the domains are using a non-standard port for HTTPS then this should be specified using the usual notation of host:port. For example:

> python

The script returns an exit code indicating whether the checks passed or not, making it easier to take appropriate action in a shell script (for example sending an email if the checks fail):

ConditionExit Code
Everything is fine, none of the certificates are expiring soon0
At least one certificate is expiring soon1
At least one certificate has expired, is invalid, or could not be retrieved2
Both of the previous conditions occurred3
No domain list was provided when running the script9

Certificate checks are performed in parallel, making the process of checking multiple domains much quicker. The number of concurrent checks that will be performed is determined by the value of the WORKER_THREAD_COUNT variable.