-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathionis_certs.install
70 lines (64 loc) · 2.81 KB
/
ionis_certs.install
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
<?php
/**
* @file
* Install, update and uninstall functions for the ionis_certs module.
*/
/**
* Implements hook_requirements().
*/
function ionis_certs_requirements($phase) {
$requirements = [];
$title = t('SSL certificates check');
if ($phase == 'runtime') {
// Check for the existence of the state variable.
$expiry_time = \Drupal::state()->get('ionis_certs_expiry_epoch_seconds');
if ($expiry_time === NULL) {
// Significant problem if the state variable is not present.
$requirements['ionis_certs_expiry_check'] = [
'title' => $title,
'value' => t('SSL certificate expiration not set'),
'severity' => REQUIREMENT_ERROR,
'description' => t('This indicates that the certificate acquisition process has not run successfully.'),
];
}
else {
// Calculate the difference in days from today.
$current_time = time();
$days_difference = (int) (($expiry_time - $current_time) / 86400);
if ($days_difference >= 30) {
// OK status if more than 30 days into the future.
$requirements['ionis_certs_expiry_check'] = [
'title' => $title,
'value' => t('SSL certificates do not expire for at least 30 days'),
'severity' => REQUIREMENT_OK,
'description' => t('Certificates expire: %d.', ['%d' => date(DATE_RFC822, $expiry_time)]),
];
}
elseif ($days_difference >= 10) {
$requirements['ionis_certs_expiry_check'] = [
'title' => $title,
'value' => t('Expiry date is less than 30 days into the future'),
'severity' => REQUIREMENT_WARNING,
'description' => t('Certificates expire: %d. They should renew on the next run of the certificate acquisition process. If it has run since certificates were wtihin 30 days of expiration it should be investigated to ensure it is running successfully.', ['%d' => date(DATE_RFC822, $expiry_time)]),
];
}
elseif ($expiry_time > $current_time) {
$requirements['ionis_certs_expiry_check'] = [
'title' => $title,
'value' => t('Expiry date is less than 10 days in the future'),
'severity' => REQUIREMENT_ERROR,
'description' => t('Certificates expire: %d. The certificate acquisition process should be investigated to ensure it is running successfully.', ['%d' => date(DATE_RFC822, $expiry_time)]),
];
}
else {
$requirements['ionis_certs_expiry_check'] = [
'title' => $title,
'value' => t('Certificates expired'),
'severity' => REQUIREMENT_ERROR,
'description' => t('Certificates expired: %d. The certificate acquisition process should be investigated to ensure it is running successfully.', ['%d' => date(DATE_RFC822, $expiry_time)]),
];
}
}
}
return $requirements;
}