---

PERL Script to SSH Multiple Server Nodes, Checks of SSL Certificates Expiry and Email to Root

A set of nodes are managed using ssh only (call them “deva”, “devb”, “devc”, “devd”). Each node runs a service that supports certificates, and the certificate expiration date must be checked. Each node can have multiple certificates, and they are all returned by running the shell command “get x509 cert” on the node itself. The command outputs one cert per line, with the following format:

hash exp

Create a script that will ssh to each node and check for certificate expiration. The script should also send e-mail five days before expiration, with node name and certificate details, and another e-mail when cert expires in less than 2 days. Please notice, that it should be easy to add another node to the list. Also, another warning mail should be sent if the node is unavailable. A summary log after the work is done, would be a nice add-on.