文件列表:

LICENSE (11356, 2023-08-19)
assets/ (0, 2023-08-19)
assets/ssl-audit-config.png (110747, 2023-08-19)
assets/ssl-audit-domain-list-file.png (114585, 2023-08-19)
assets/ssl-audit-domain-list.png (437500, 2023-08-19)
assets/ssl-audit-verbose.png (105036, 2023-08-19)
examples/ (0, 2023-08-19)
examples/Example.log (194, 2023-08-19)
examples/list.txt (39, 2023-08-19)
requirements.txt (293, 2023-08-19)
ssl-audit.py (15518, 2023-08-19)

# Akamai SSL Expiration Audit ## What is this? A tool to audit Akamai Property Manager Configurations (Local and Remote) and DNS Record List for SSL Certificate Expiration dates. The goal behind this project is to provide an easy way to audit **audit ssl certificate expiration date**, this is to help us keep an eye over any soon to expire certificate and avoid possible outages due to lack of visibility.

## Who is this for? This project will help mostly Akamai customers but the Audit list functionality will also be of use to any person/company that wants to see when their SSL Certificates might expire. ...(Anyone) ## Features * Audit Akamai Property Configuration: * Offline JSON Document * Current Production version (download latest) * Audit List of domains * List can be provided on a document (comma separated) * List can be provided as argument (see "How to use") * Account-wide Audit * Switch Key Integration (for multi-account management) ## Prerequisites/Requirements You need python3 and pip3 to fun this script. Python3 can be found [here](https://www.python.org/downloads/) To update pip. ```python3 -m pip install --upgrade pip``` I've provided the requirements document to help install all dependencies. ``` pip install -r requirements.txt``` ## Limitations Currently, for version 0.1 this script **will not look at variables within the origin behaviors** (Property Manager) since this adds a lot of complexity. This is because as an example: a variable (origin) can be made from other variables that are only available in execution time. ## How do I use it? | Script Arguments | Required | Value Type | Description | | :---------------------- |:-------------:|:-------------:| :-------------| | --audit | * | string | Allowed values: {account,config,file,list}. This field defines the type of audit to used. | | --domains | with audit type list. | list | Space delimited list of DNS records.| | --file | with audit type "file". | string | Path to the file to be parsed. | | --file-type | | string | Allowed values: {akamai, list}. You can provide a file that is either a list of DNS records or an Akamai Property Manager JSON configuration. The default value for this argument is "Akamai", meaning if parsing a PM configuration it is optional.| | --config-name | with audit type "config". | list | List of Akamai Property names.| | --section | | string | | name of EdgeRC credential section to be used for Akamai PAPI. | --account-key | | string | Akamai account ID to be audited (SwitchKey) | | --verbose | | None | Print debug information.| | --version | | None | Print script version.| ### **Audit** --audit Defines what and how this script will behave. * account: This type of audit will query Akamai using its OPEN API's and will get the list of groups and contracts and for each one it will audit all Property Manager configurations. * config: Similar to "account" it will fetch the Property Manager configurations but only for the names provided on the "**--config-name**" argument. Example: ```--audit config --config-name roymartinez.dev``` * file: Works with **--file-type**. This script currently supports two types of files list and Akamai PM Json (examples provided on the example folder). Example: ```--audit file --file /user/path/roymartinez.dev.json``` * list: Works with **--domains**, it will expect a list of DNS records and get certificate expiration date. ### **Domains** --domains Space delimited DNS records to be audited. ```--domains roymartinez.dev www.akamai.con``` ### **File** --file Provides path to file to be audited. ```--file /user/path/roymartinez.dev.json``` ### **File Type** --file-type Defines file type that will be used to parse the file, meaning if the value is ```--file-type list``` it will expect a comma separated list within the file and it will loop though them and if it's ```--file-type akamai``` (this is the default value) it will expect a json formated rule tree from Property Manager. ### **Configuration Name** --config-name This argument is expected when the audit type is **config** because it provides the name of the Akamai Property Manager Configuration to be queries on PAPI. ### **Verbose** --verbose This enables debug information to be printed on what the script is doing at for visibility.

### **Section** --section Akamai EdgeRC files can have multiple credentials defined by "Sections [default], [papi], etc" the script by default will use the **default** section but this behavior can be change with this argument., ### **Account Key** --account-key For multi-account users if you have **switch key** credentials you can specify the account ID with this. ## Examples (use cases) * **Audit list of domains** ```python3 ssl-audit.py --audit list --domains roymartinez.dev```

* **Audit list of domains on file** ```python3 ssl-audit.py --audit file --file examples/list.txt --file-type list```

* **Audit config with section and account ID** ```python3 ssl-audit.py --audit config --config-name roymartinez.dev --section allswitch --account-key 1-xyz```

## Contribute Want to contribute? Sure why not! just let me know! ## Author Me https://roymartinez.dev/ ## Licensing I am providing code and resources in this repository to you under an open-source license. Because this is my repository, the license you receive to my code and resources is from me and not my employer (Akamai). ``` Copyright 2019 Roy Martinez Creative Commons Attribution 4.0 International License (CC BY 4.0) http://creativecommons.org/licenses/by/4.0/ ```

近期下载者：

相关文件：

评论：[我要评论] [举报此文件]

收藏者：