Codebox Software

This is a Python script for checking the expiry dates of website TLS/SSL certificates, used for creating secure HTTPS connections. The script requires Python 3 and has no other dependencies.

To use the script simply run it from the command line, along with a list of the domain names you wish to check. For example:

> python check-certificates.py codebox.net www.codebox.net api.codebox.net oldtime.radio c0debox.net

Checking 5 endpoints...
codebox.net     OK    expires in 48 days
www.codebox.net OK    expires in 48 days
api.codebox.net OK    expires in 48 days
oldtime.radio   WARN  expires in 6 days 21 hours 13 minutes
c0debox.net     ERROR [Errno 8] nodename nor servname provided, or not known

The script will list the status of each domain's certificate, displaying OK if the certificate was retrieved and is not expiring soon, WARN if the certificate's expiry date is getting close, or ERROR if the certificate has already expired, or if there is some other problem such as the host could not be found, or no certificate could be retrieved.

By default WARN will be displayed if there are less than 7 days until a certificate expires, but this interval can be changed by altering the value of the WARN_IF_DAYS_LESS_THAN variable.

If any of the domains are using a non-standard port for HTTPS then this should be specified using the usual notation of host:port. For example:

> python check-certificates.py test.codebox.net:8443

The script returns an exit code indicating whether the checks passed or not, making it easier to take appropriate action in a shell script (for example sending an email if the checks fail):

Certificate checks are performed in parallel, making the process of checking multiple domains much quicker. The number of concurrent checks that will be performed is determined by the value of the WORKER_THREAD_COUNT variable.