Monday, 20 September 2021

How to Check a TLS/SSL Certificate Expiration Date on Ubuntu

The purpose of using TLS/SSL certificates on web servers is to encrypt the connection between the web browser and server. However, these certificates are not valid for a whole life rather they also have a finite expiration date after which the web browser will show an error message when connecting to the website. Today, I will show you how you can check the TLS/SSL certificate expiration date of an SSL certificate of a website using OpenSSL on Ubuntu 20.04.

Checking the TLS/SSL Certificate Expiration Date on Ubuntu

To check the TLS/SSL certificate expiration date of an SSL certificate on the Linux shell, follow these steps:

Step #1: Check if OpenSSL is Installed on your System or no:

First of all, you must ensure that OpenSSL is installed on your system. On most of the latest Linux distributions, OpenSSL is installed by default but we still need to confirm it. If it is not there, then we will have to install it before proceeding further. The existence of OpenSSL on our Ubuntu system can be verified by checking its version with the command shown below:

$ openssl version

 

 

As you can see the OpenSSL version in the following image, means that OpenSSL is installed on our Ubuntu system so, we are good to go.

 

 

Step # 2: Define and Export the URL Variable:

Now, we need to define and export a URL variable that will correspond to the URL of the website whose certificate expiration date we want to check. Whenever we want to check the TLS/SSL certificate expiration date of a new website, we will have to define and export its particular URL variable in the manner shown below:

$ export SITE_URL= "WebsiteURL"

 

 

You can replace the website URL with the URL of the website whose TLS/SSL certificate expiration date you want to check out. We have used google.com over here. This command will not produce any output as shown in the following image:

 

 

Step #3: Define and Export the Port Variable:

After that, we need to define and export a Port variable. Now, since we all know that TLS/SSL always uses port number 443 to work that is why this variable will remain the same no matter which website URL you have used in the previous step. To define and export the port variable, we will execute the command shown below:

$ export SITE_SSL_PORT="443"

 

 

Again, this command will not produce any output as shown in the following image:

 

 

Step #4: Check the TLS/SSL Certificate Expiration Date:

Finally, we can check the TLS/SSL certificate expiration date of our desired website by executing the command shown below:

$ openssl s_client -connect ${SITE_URL}:${SITE_SSL_PORT} -servername ${SITE_URL} 2> /dev/null | openssl x509 -noout -dates

 

 

After executing this command, you will be presented with two different dates in the output. The date highlighted in the following image is the TLS/SSL certificate expiration date for the specified website.

 

 

Link: https://vitux.com/how-to-check-the-tls-ssl-certificate-expiration-date-on-ubuntu/

NOCPERU - DATA CENTER, is the first corporate data center dedicated to companies, a robust and stable system developed with fiber optic connectivity and operated by the highest international standards.

Contact Us

Trujillo, La Libertad, Perú
01 641 1239
044 64 3108
01 305-749-5753
+51 902 524 298