66e8e1c2647f443f0e8371d44f40266b6ff20abd jcasper Tue Mar 17 14:26:40 2026 -0700 Changing certificate renewal warnings to 14 days ahead instead of 30 diff --git src/utils/qa/checkHTTPS src/utils/qa/checkHTTPS index 66cab9362f6..7233488dc64 100755 --- src/utils/qa/checkHTTPS +++ src/utils/qa/checkHTTPS @@ -1,20 +1,20 @@ #!/bin/bash set -eEu -o pipefail recipients=("cluster-admin@soe.ucsc.edu" "browser-qa@soe.ucsc.edu" "mhaeussl@ucsc.edu") -wiggleRoom=$(date +%s -d"30 days"); # Flag for renewal within 30 days of expiry, sec past epoch +wiggleRoom=$(date +%s -d"14 days"); # Flag for renewal within 14 days of expiry, sec past epoch output="" for site in \ genome.ucsc.edu \ genome.soe.ucsc.edu \ genome-euro.ucsc.edu \ genome-asia.ucsc.edu \ genome-preview.ucsc.edu \ genome-test.soe.ucsc.edu \ genome-test.gi.ucsc.edu \ genomewiki.ucsc.edu \ cirm.ucsc.edu \ cirmdcm.soe.ucsc.edu \ hgdownload2.gi.ucsc.edu \ @@ -32,17 +32,17 @@ hgw0.soe.ucsc.edu \ hgw1.soe.ucsc.edu \ hgw2.soe.ucsc.edu \ redmine.soe.ucsc.edu do expiryDate=$(echo -n | openssl s_client -servername $site -connect $site:443 2>/dev/null | openssl x509 -noout -dates | grep After | sed -e "s/23:59:59\|\=\|notAfter\|GMT\|//g") expiryEpoch=$(date -d"$expiryDate" +%s) if (("$wiggleRoom" > "$expiryEpoch")) then output="$output$site certificate expires on $expiryDate\n" fi done if [ -n "$output" ] then - echo -e "$output" | mail -s "Site Certificates expiring in < 30 days" -S 'from=Reply All Includes All QA ' "${recipients[@]}" + echo -e "$output" | mail -s "Site Certificates expiring in < 14 days" -S 'from=Reply All Includes All QA ' "${recipients[@]}" fi