India English
Kenya English
United Kingdom English
South Africa English
Nigeria English
United States English
United States Español
Indonesia English
Bangladesh English
Egypt العربية
Tanzania English
Ethiopia English
Uganda English
Congo - Kinshasa English
Ghana English
Côte d’Ivoire English
Zambia English
Cameroon English
Rwanda English
Germany Deutsch
France Français
Spain Català
Spain Español
Italy Italiano
Russia Русский
Japan English
Brazil Português
Brazil Português
Mexico Español
Philippines English
Pakistan English
Turkey Türkçe
Vietnam English
Thailand English
South Korea English
Australia English
China 中文
Somalia English
Canada English
Canada Français
Netherlands Nederlands

How to Check SSL Certificate Expiration Date in Ubuntu

Ubuntu, like other Linux distributions, relies on SSL/TLS certificates for secure website connections, applications, and data transfers. Understanding how to check SSL certificate expiration dates in Ubuntu is essential to proactively prevent security risks and maintain the trust of your users.

Let’s delve into the straightforward and effective methods at your disposal.

1. The Multi-Purpose OpenSSL

OpenSSL is the go-to cryptographic toolkit in Ubuntu (and many other Linux flavors). Here’s how to use it to display a certificate’s expiration date:


openssl x509 -in certificate.pem -text -noout | grep "Not After" 
  • Remember to replace certificate.pem with the actual path to your certificate file.
  • Look for the line “Not After” in the output. This reveals the date and time the certificate expires.

2. Checking Validity at a Specific Time

OpenSSL lets you check if a certificate will be valid at a precise date and time using the -checkend option:


openssl x509 -in certificate.pem -checkend <seconds>
  • Replace <seconds> with the number of seconds since the Unix Epoch (January 1st 1970). You can use online epoch time converters to calculate this value.

3. Remote Certificate Inspection

Want to check the expiration date of an SSL certificate used by a website? Here’s how:


openssl s_client -connect < /dev/null | openssl x509 -noout -dates
  • Replace with the domain name of the website you’d like to check.

4. Web-Based Tools

If you prefer a graphical approach, numerous online SSL checkers can help. Popular options include:

These tools let you enter a domain name to analyze the live certificate on the server or upload a certificate file for inspection.

Key Considerations

  • Ubuntu = Linux: These methods generally work across most Linux distributions, as OpenSSL is a common component.
  • Expired Certificates: Browsers will warn users about expired certificates. Expired certificates can also disrupt application functionality.
  • Proactive Monitoring: Consider scripting checks and setting up alerts to preempt problems caused by expirations.

In Summary

Knowing how to check SSL certificate expiration dates in Ubuntu is a valuable skill for system administrators and anyone concerned with secure online interactions. Choose the method that best suits your workflow, and stay ahead of issues caused by expired certificates!

Read also:


Enjoy this blog? Please spread the word :)