Sunday, June 10, 2012

Has my SSL cert Expired?


I know Browser gives this info - but if you wanna use this info somewhere in a script etc. this command can be definitely handy!

[root@DebaTestBox ~]# echo | openssl s_client -connect mysite.com:443 2>/dev/null |openssl x509 -dates -noout

notBefore=Mar 20 00:00:00 2012 GMT

notAfter=Apr 19 23:59:59 2016 GMT

[root@DebaTestBox ~]#

Below will actually give you how many days left for expiry  -

#Cat WillExpire-in.sh
end_date=`openssl s_client -showcerts -connect mysite.com:443  
/dev/null | sed -n 's/ *Not After : *//p'`

if [ -n "$end_date" ]
then
    end_date_seconds=`date '+%s' --date "$end_date"`

    now_seconds=`date '+%s'`

    echo "($end_date_seconds-$now_seconds)/24/3600" | bc
fi

Thanks/-

D

No comments:

Post a Comment

RCA - Root Cause Analysis

An important step in finding the root causes of issues or occurrences that happen within a system or organization is root cause analysis (RC...