Simple Script to check sha certificate expiration date

I came across this problem over the weekend. I needed to know quickly the expiry date for our new SHA-2 certificate. After some googleing I patched together this script.

OPENSSL="/usr/bin/openssl"
HOST=$1
PORT=$2

if [ "$HOST" == "" ]; then
 echo 'Usage: check.sh hostname.com
fi

if [ "$PORT" == "" ]; then
 PORT="443"
fi

CMD=`echo "" | $OPENSSL s_client -connect $HOST:$PORT 2>/dev/null | $OPENSSL x509 -enddate -noout 2>/dev/null| sed 's/notAfter\=//'`

if [ "$CMD" != "" ]; then
 echo $CMD
else
 echo Not an SSL secured site
fi

Leave a Reply

Your email address will not be published. Required fields are marked *