(DC) Certificate Expiration Check
Description
Certificate expiration management is very important: if a certificate expires, entire services can go down or become inaccessible.
Depending on where the certificate is located and how much access to the server is allowed, certificate expiration dates can be checked in a variety of ways.
Determining Certificate Expiration
ONLINE: Public Facing URL
Utilize the SSL checker here:
SSL Checker
After a successful certificate check, review the output to find the "server" certificate expiration date.
Checking F5 certificate expiration via Splunk Dashboard
COMMAND LINE: Public Facing URL
The "openssl" command can be utilized on many platforms to check the certificate expiration date of any URL.
Linux OS
Issue the following command, substituting the actual FQDN that needs to be verified for "www.utexas.edu":
openssl s_client -connect www.utexas.edu:443 -servername www.utexas.edu
Windows OS
You need to download the OpenSSL package for Windows. Download it here: Win32/Win64 OpenSSL Installer for Windows - Shining Light Productions
Download and install the latest version available from this site. Once installed, open a command prompt as Administrator and execute the following command:
Based on where the installation was done:
"C:\Program Files\OpenSSL\bin\openssl.exe" s_client -showcerts -connect www.utexas.edu:443 -servername www.utexas.edu | "C:\Program Files\OpenSSL\bin\openssl.exe" x509 -inform pem -noout -enddate
COMMAND LINE: Using OpenSSL to check offline certificate file
You will need to obtain a copy of the certificate file (*.crt or *.pem). Search online for exactly where this file can be found (and its file extension) for your service and operating system. With the certificate file, run the following command:
openssl x509 -enddate -noout -in filename
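The command-line checks above can be turned into a repeatable report. The following is an added example, not part of the original page: it converts the "notAfter=" line printed by -enddate into days remaining, and performs the same SNI-aware live check as s_client. The function names, the 30-day warning threshold and the sample notAfter lines are assumptions constructed for illustration.

```python
import socket
import ssl
import time

EXPIRED_VERIFY_CODE = 10  # OpenSSL X509_V_ERR_CERT_HAS_EXPIRED


def days_left(not_after, now=None):
    """Days until expiry; accepts 'notAfter=...' as printed by -enddate."""
    stamp = not_after.strip().split("=", 1)[-1]
    now = time.time() if now is None else now
    return int((ssl.cert_time_to_seconds(stamp) - now) // 86400)


def classify(days, warn_days=30):
    """Map remaining days to a status (warn_days is an assumed threshold)."""
    if days < 0:
        return "EXPIRED"
    return "EXPIRING" if days <= warn_days else "OK"


def check_host(host, port=443, warn_days=30, timeout=5):
    """Live check with SNI, like s_client -connect host:port -servername host."""
    ctx = ssl.create_default_context()
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            with ctx.wrap_socket(sock, server_hostname=host) as tls:
                not_after = tls.getpeercert()["notAfter"]
    except ssl.SSLCertVerificationError as err:
        # An already-expired certificate fails the handshake before
        # getpeercert() can be read, so report it from the verify code.
        if err.verify_code == EXPIRED_VERIFY_CODE:
            return host, None, "EXPIRED"
        raise
    days = days_left(not_after)
    return host, days, classify(days, warn_days)


if __name__ == "__main__":
    # Constructed sample lines in the format of `openssl x509 -enddate -noout`,
    # evaluated against a fixed "now" so the output is reproducible offline.
    fixed_now = ssl.cert_time_to_seconds("Jan  1 00:00:00 2025 GMT")
    for line in ("notAfter=Jan 11 00:00:00 2025 GMT",
                 "notAfter=Dec 31 23:59:59 2025 GMT",
                 "notAfter=Dec 25 12:00:00 2024 GMT"):
        d = days_left(line, now=fixed_now)
        print(line, "->", d, "days,", classify(d))
```

Calling check_host("www.utexas.edu") requires network access and returns a (host, days, status) tuple; any verification failure other than expiry is re-raised rather than reported as an expiration problem.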
Use the browser to check expiration date
Click the "lock icon" in your browser.
Follow the prompts and links for "Connection" or "Secure Connection".
Continue to click on "More Information" or "Advanced".
Look for an expiration date or "Certificate Information".