Forrest logo
back to the openssl tool

openssl-x509:tldr:fb5c5

openssl-x509: Display a certificate's expiration date.
$ openssl x509 -enddate -noout -in ${filename-pem}
try on your machine

The command openssl x509 -enddate -noout -in ${filename-pem} is used to display the expiration date of an X.509 certificate.

Here's a breakdown of the command:

  • openssl: This is the command-line tool for the OpenSSL library, which provides cryptographic functions and utilities.
  • x509: This is a subcommand of OpenSSL used for handling X.509 certificates.
  • -enddate: This option tells OpenSSL to display the validity end date of the certificate.
  • -noout: This option instructs OpenSSL to not display any additional information about the certificate, only the end date.
  • -in ${filename-pem}: This specifies the input file to be read, which should be in PEM format. ${filename-pem} is a placeholder for the actual filename and should be replaced with the name of the certificate file you want to analyze.

Overall, the command reads the X.509 certificate from the specified file and outputs only the expiration date of the certificate, without any other details.

This explanation was created by an AI. In most cases those are correct. But please always be careful and never run a command you are not sure if it is safe.
back to the openssl tool