1 files changed, 25 insertions, 8 deletions

diff --git a/plugins/sslutils.c b/plugins/sslutils.c
index 43b1a5a6..4f9c793c 100644
--- a/plugins/sslutils.c
+++ b/plugins/sslutils.c
@@ -195,7 +195,9 @@ int np_net_ssl_check_cert(int days_till_exp_warn, int days_till_exp_crit){
 #  ifdef USE_OPENSSL
         X509 *certificate=NULL;
         X509_NAME *subj=NULL;
+        char timestamp[50] = "";
         char cn[MAX_CN_LENGTH]= "";
+        
         int cnlen =-1;
         int status=STATE_UNKNOWN;
 
@@ -204,7 +206,7 @@ int np_net_ssl_check_cert(int days_till_exp_warn, int days_till_exp_crit){
         struct tm stamp;
         float time_left;
         int days_left;
-        char timestamp[50] = "";
+        int time_remaining;
         time_t tm_t;
 
         certificate=SSL_get_peer_certificate(s);
@@ -258,7 +260,8 @@ int np_net_ssl_check_cert(int days_till_exp_warn, int days_till_exp_crit){
                 (tm->data[6 + offset] - '0') * 10 + (tm->data[7 + offset] - '0');
         stamp.tm_min =
                 (tm->data[8 + offset] - '0') * 10 + (tm->data[9 + offset] - '0');
-        stamp.tm_sec = 0;
+        stamp.tm_sec =
+                (tm->data[10 + offset] - '0') * 10 + (tm->data[11 + offset] - '0');
         stamp.tm_isdst = -1;
 
         time_left = difftime(timegm(&stamp), time(NULL));
@@ -269,21 +272,35 @@ int np_net_ssl_check_cert(int days_till_exp_warn, int days_till_exp_crit){
         if (days_left > 0 && days_left <= days_till_exp_warn) {
                 printf (_("%s - Certificate '%s' expires in %d day(s) (%s).\n"), (days_left>days_till_exp_crit)?"WARNING":"CRITICAL", cn, days_left, timestamp);
                 if (days_left > days_till_exp_crit)
-                        return STATE_WARNING;
+                        status = STATE_WARNING;
                 else
-                        return STATE_CRITICAL;
+                        status = STATE_CRITICAL;
+        } else if (days_left == 0 && time_left > 0) {
+                if (time_left >= 3600)
+                        time_remaining = (int) time_left / 3600;
+                else
+                        time_remaining = (int) time_left / 60;
+
+                printf (_("%s - Certificate '%s' expires in %u %s (%s)\n"),
+                        (days_left>days_till_exp_crit) ? "WARNING" : "CRITICAL", cn, time_remaining,
+                        time_left >= 3600 ? "hours" : "minutes", timestamp);
+
+                if ( days_left > days_till_exp_crit)
+                        status = STATE_WARNING;
+                else
+                        status = STATE_CRITICAL;
         } else if (time_left < 0) {
                 printf(_("CRITICAL - Certificate '%s' expired on %s.\n"), cn, timestamp);
                 status=STATE_CRITICAL;
         } else if (days_left == 0) {
-                printf (_("%s - Certificate '%s' expires today (%s).\n"), (days_left>days_till_exp_crit)?"WARNING":"CRITICAL", cn, timestamp);
+                printf (_("%s - Certificate '%s' just expired (%s).\n"), (days_left>days_till_exp_crit)?"WARNING":"CRITICAL", cn, timestamp);
                 if (days_left > days_till_exp_crit)
-                        return STATE_WARNING;
+                        status = STATE_WARNING;
                 else
-                        return STATE_CRITICAL;
+                        status = STATE_CRITICAL;
         } else {
                 printf(_("OK - Certificate '%s' will expire on %s.\n"), cn, timestamp);
-                status=STATE_OK;
+                status = STATE_OK;
         }
         X509_free(certificate);
         return status;