Check site certificate validity

go_lockerI recently installed Let’s Encrypt mechanism on some of my sites.
Currently, the upgrade is not automatic (beta version + I personally need to be convinced :-) )

So, I need to monitor the validity dates of the certificates.
Here is a one-liner that do the job:

 echo | openssl s_client -connect <site>:<port>  2>/dev/null | openssl x509 -noout -enddate

Note that I added the initial “echo”, as the openssl is waiting for an input…

Output example:

$ echo | openssl s_client -connect raistlin.alphamaths.fr:443 2>/dev/null | openssl x509 -noout -enddate
 notAfter=Mar 5 16:30:49 2017 GMT

You can imagine any kind of monitoring / notification on top of that !

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>