如何使用 openssl 检查 SSL/TLS 证书到期

使用以下命令检查 SSL/TLS 证书的到期日期。此命令还包含 SNI（服务器名称指示）

check_cert_expiry.sh

echo | openssl s_client -connect techoverflow.net:443 2>&1 | sed --quiet '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' | openssl x509 -noout -text | grep --after 2 Validity

echo | openssl s_client -connect techoverflow.net:443 2>&1 | sed --quiet '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' | openssl x509 -noout -text | grep --after 2 Validity

记住将 techoverflow.net 的两个实例替换为要测试的域名！

示例输出：

openssl_validity_output.txt

Validity
    Not Before: Aug 18 00:00:00 2021 GMT
    Not After : Aug 17 23:59:59 2022 GMT

Validity
    Not Before: Aug 18 00:00:00 2021 GMT
    Not After : Aug 17 23:59:59 2022 GMT

Check out similar posts by category: Linux, Networking

If this post helped you, please consider buying me a coffee or donating via PayPal to support research & publishing of new posts on TechOverflow

Buy me a coffee