Monday, 23 July 2018

Check SSL certificate expiration date and other details at the command line

Check SSL certificate expiration date and other details at the command line
To check a local cert:
c="/path/to/cert"
openssl x509 -noout -dates -subject -issuer -in $c
To check a remote cert, first get it with s_client, then feed to x509:
h="google.com"
p="443"
openssl s_client -host $h -port $p | openssl x509 -noout -dates -subject -issuer
Example output:
depth=1 C = US, O = Google Inc, CN = Google Internet Authority
verify error:num=20:unable to get local issuer certificate
verify return:0
notBefore=Aug 14 21:46:27 2013 GMT
notAfter=Oct 31 23:59:59 2013 GMT
subject= /C=US/ST=California/L=Mountain View/O=Google Inc/CN=*.google.com
issuer= /C=US/O=Google Inc/CN=Google Internet Authority
read:errno=0

0 comments:

Post a Comment