How to check TLS/SSL certificate expiration date from Linux CLI?
Last Updated :
05 Feb, 2023
Transport Layer Security is referred to as TLS. The system known as Transport Layer Security creates an encrypted session between two computers using the Internet. It authenticates the server’s identity and inhibits data interception by hackers. When using the HTTPS protocol, users can securely transfer sensitive data thanks to TLS (and SSL’s forerunner). In other words, HTTPS is TLS overlaid with HTTP. Applications like banking, information authentication, email exchange, and any other process requiring a greater level of privacy and security are perfect candidates for this technology. TLS makes it more difficult for hackers to get sensitive information by encrypting otherwise readable data. This helps to give an additional layer of security.
Digital certificates are files that are used to verify who has a public key, often known as identity certificates or public key certificates. A Certificate Authority issues TLS certificates, a sort of digital certificate (CA). The certificate is signed by the CA, attesting to the fact that they have confirmed it belongs to the people who hold the domain name that is the subject of the certificate.
TLS certificates typically include the following details:
- Domain Name
- Organization
- The name of the issuing CA
- Subdomains
- Issue Date
- Expiry Date
- The public key
- The digital signature by the CA
Below are the steps to view the expiration date of TLS/SSL from Linux CLI.
Find out the expiration date for www.geeksforgeeks.org
Step 1: Open The CLI (Command-Line Interface) by pressing below keyboard keys.
CTRL + ALT + T
Or you can open a terminal by right-clicking anywhere and the menu will be popped, click on the Open Terminal option.
Step 2: Define the variable for the site URL or the site name that you want to view the expiration date of TLS/SSL. (for eg. google.com). Use the below code to define a variable in CLI. (Replace google.com with the URL of the site that you want to see.)
export URL_OF_WEBSITE="www.geeksforgeeks.org"
Enter the above command and press enter.
Step 3: Again define one variable for the Port address as shown below.
export SSL_PORT_ADDRESS="443"
Step 4: Now use the below command to view the Expiration date, Paste the below command in CLI and press enter.
echo | openssl s_client -connect ${URL_OF_WEBSITE}:${SSL_PORT_ADDRESS} -servername ${URL_OF_WEBSITE} 2> /dev/null | openssl x509 -noout -dates
Step 5: There two dates will be appeared notBefore and notAfter, In that notAfter is the expiration date. See below screenshot of CLI you can see the expiration date.
Method: Finding the SSL certificate expiration date from a PEM-encoded certificate file
Step 1: Repeat the first three same steps as in the above example.
Step 2: Enter the below command to download the PEM Encoded Certificate file.
echo -n | openssl s_client -connect ${URL_OF_WEBSITE}:${SSL_PORT_ADDRESS} -servername ${URL_OF_WEBSITE} \ | openssl x509 > ./SSL.cert
After entering the above command SSL.cert file will be downloaded.
Step 3: Enter Below Command to view Expiry Data.
openssl x509 -enddate -noout -in ./SSL.cert
Step 4: The expiration Date will be displayed.
Similar Reads
How to disable security certificate checks for requests in Python
In this article, we will discuss how to disable security certificate checks for requests in Python. In Python, the requests module is used to send HTTP requests of a particular method to a specified URL. This request returns a response object that includes response data such as encoding, status, con
2 min read
How to Generate a CSR (Certificate Signing Request) in Linux?
Certificate Signing Request(CSR) is a block encrypted text that is given to the Certificate Authority when applying for an SSL Certificate. Generation of Certificate Signing Request(CSR) for Secure Sockets Layer(SSL) is common in Linux on various distributions. CSR is generated on the server, it sto
6 min read
How to Generate a Self-Signed Certificate with OpenSSL in Linux?
TLS (Transport Layer Security) is a secured protocol which is currently in trend. It can see used on top of the HTTP and application layer. The primary use of this protocol is to set up secure communication between web applications and servers. TLS protocol can also be used for secure email transfer
3 min read
How to Install and use SSL Certificate In Python
A secure Socket Layer (SSL) Certificate is a Digital certificate that can be used for the authentication of a website and it helps to establish an encrypted connection between the user and server. SSL is a secure layer that creates an encrypted link between a web server and a web browser. SSL keeps
2 min read
How does Selenium Webdriver handle the SSL certificate in Edge?
When testing web applications with Selenium WebDriver, you may encounter websites with invalid or self-signed SSL certificates, especially in development or testing environments. These certificates can trigger security warnings that may prevent automation scripts from proceeding. In production, such
2 min read
Creating a User With an Expiry Date in Linux
Linux is a multi-user system and thus, it allows more than one person to interact with the system at the same time. There are numerous ways in which we can create new users in Linux. The system administrator has the responsibility to manage different users of the system. For types of users in Linux
2 min read
How to Delete All Files Before a Certain Date in Linux
Linux, an advanced and open-source operating system, has several file-management commands and utilities. Deleting files in Linux is an essential skill for all users, whether beginner or experienced. In this article, we will learn how to delete all files before a certain date in Linux. In Linux, you
5 min read
How to Display and Set Date and Time in Linux | date Command
Unlock the full potential of the date command in Linux—a versatile tool that does more than just show the current date and time. With this command, you can set your system’s clock, synchronize time across networks, and even calculate past or future dates for tasks like scheduling or logging. In this
8 min read
How to Check if OpenSSL and mod_ssl are Installed on Apache2?
OpenSSL is an open-source software that is essential in various operations, like encryption or decryption of data, and such, which is used in various protocols like SSL, or TLS. mod_ssl is an Apache web server module that helps in providing secure communication via the same SSL or TLS protocols. The
2 min read
How to Make Git Accept a Self Signed Certificate?
Using Git in a secure environment often requires dealing with SSL certificates. When a self-signed certificate is used, Git might reject the connection due to the certificate's untrusted nature. This can create a problem when accessing repositories over HTTPS. However, you can configure Git to accep
3 min read