+ def remote_check_smtp(self, context, host, port, name):
+ smtp = SMTP(host, port)
+ try:
+ smtp.starttls(context=context)
+ except SSLError:
+ print("CRIT (invalid certificate) %s:%d" % (host, port))
+ return 2
+
+ cert = smtp.sock.getpeercert()
+ return self.check_cert(cert, host, port, name)
+
+ def remote_check_ssl(self, context, host, port, name):
+ connection = context.wrap_socket(socket(AF_INET6),
+ server_hostname=name)
+ try:
+ connection.connect((host, port))
+ except SSLError:
+ print("CRIT (invalid certificate) %s:%d" % (host, port))
+ return 2
+
+ cert = connection.getpeercert()
+ return self.check_cert(cert, host, port, name)
+
+ def check_cert(self, data, host, port, name):
+ expiretimestamp = cert_time_to_seconds(data['notAfter'])
+ delta = datetime.utcfromtimestamp(expiretimestamp) - datetime.utcnow()
+ deltastr = str(delta).split(",")
+
+ if delta < self.crit:
+ print("CRIT (expires in %8s,%16s) %s:%d" % (deltastr[0], deltastr[1], name, port))
+ return 2
+ elif delta < self.warn:
+ print("WARN (expires in %8s,%16s) %s:%d" % (deltastr[0], deltastr[1], name, port))
+ return 1