We use the following command to get the ending date of PEM encoded certificates that are generated using certbot
and Let's Encrypt
:
openssl x509 -enddate -noout -in fullchain.pem;
To get a list of all certificates and their expiration dates, we issue the following find
command that executes the above snippet on each result while printing the name of the file first.
find ~/certificates/ -name "fullchain.pem" -print -exec openssl x509 -enddate -noout -in '{}' \;
In this example, the certificates are in our home folder under the name ‘certificates’. The results will look like the following sample:
/home/tux/certificates/example.com/fullchain.pem notAfter=Aug 22 10:12:55 2021 GMT /home/tux/certificates/site2.example.com/fullchain.pem notAfter=Nov 22 03:22:44 2021 GMT
This post is also available in: Greek