I recently installed Let’s Encrypt mechanism on some of my sites.
Currently, the upgrade is not automatic (beta version + I personally need to be convinced )
So, I need to monitor the validity dates of the certificates.
Here is a one-liner that do the job:
echo | openssl s_client -connect <site>:<port> 2>/dev/null | openssl x509 -noout -enddate
Note that I added the initial “echo”, as the openssl is waiting for an input…
$ echo | openssl s_client -connect raistlin.alphamaths.fr:443 2>/dev/null | openssl x509 -noout -enddate notAfter=Mar 5 16:30:49 2017 GMT
You can imagine any kind of monitoring / notification on top of that !