How to find Certifications Expiry Date

Good Morning!
I have the following doubt:
Which command should I run to check the expiration date of my certificates on my server?
Operating System: Ubuntu
Thank you!

You can use the openssl tools for that:

$ openssl x509 -dates -noout < /path/to/certificate

But I have many certificates on server, each one in one folder, with the following files in folders:

  • cert.pem;
  • chain.pem;
  • fullchain.pem;
  • privkey.pem

Which of the files should I specify on the command?

cert.pem, because this is the leaf certificate.

I tried to run the following command:
sudo openssl x509 -dates -noout < /etc/letsencrypt/live/

But it showed me this:
-bash: /etc/letsencrypt/live/ Permission denied

Please show output of command:

$ ls -l /etc/letsencrypt/live/

But I used sudo to run the command.

Ah, the problem is sudo invocation. The redirect of standard input seems to happen before privilege expansion.

Just try:

$ sudo openssl x509 -dates -noout -in /path/to/cert.pem

1 Like

It worked now.
Thanks :slight_smile:

1 Like

Hi @vinicius.soccol,

Are you using Certbot? If so the command certbot certificates will show output that includes the expiry and is easier to use than openssl:

Found the following certs:
  Certificate Name:
    Expiry Date: 2017-02-19 19:53:00+00:00 (VALID: 30 days)
    Certificate Path: /etc/letsencrypt/live/
    Private Key Path: /etc/letsencrypt/live/

Ok, I’ll try this command.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.