To determine the SSL certificate expiration date from a PEM-encoded certificate, you can use the openssl command-line tool. Here's how to do it:
Step 1: View the Certificate Information
Use the openssl x509 command to display the details of the certificate, including the expiration date.
openssl x509 -in your_certificate.pem -noout -dates
in your_certificate.pem: Specifies the input PEM file containing the certificate.noout: Preventsopensslfrom outputting the entire certificate.dates: Outputs the certificate's start (notBefore) and end (notAfter) dates.
Example
If your PEM-encoded certificate is named certificate.pem, the command would be:
openssl x509 -in certificate.pem -noout -dates
Expected Output
The command will output something like:
notBefore=Mar 20 12:00:00 2023 GMT
notAfter=Mar 20 12:00:00 2024 GMT
- notBefore: The date and time when the certificate becomes valid.
- notAfter: The date and time when the certificate expires.
Step 2: Interpret the Dates
- The notAfter date tells you when the certificate will expire.
- Ensure that your system time is correctly set to avoid misinterpretation of the expiration date.
Summary
By using the openssl x509 -in your_certificate.pem -noout -dates command, you can easily find the expiration date of your SSL certificate from a PEM-encoded certificate file.
Got an article suggestion?
Let us know
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.