Three ways to check for SSL certificate expiration times

Before, there is a domain name using the online free SSL certificate, and then want to change the certificate after the expiration of Let's encrypt free certificate, then want to query the domain name SSL certificate How many days left expired.

The method of querying the certificate expiration time is very simple, the following uses sslforfree.com this domain to carry on the test, below simple record the step. method One: View on the direct browser

The premise of this method is that your domain name has been directed to the Web server and can be accessed normally on the browser.

First use your browser to access your site's domain name, and then click the lock icon above the address bar to view:

The above is used in Firefox browser to view, other browsers should look at the same method is basically the same. method Two: Use the Openssl tool to view on the server side

Since my service is built on the Centos, after logging in with Xshell or Putty tools, enter the certificate directory and use the OpenSSL command to view:

# Cd/usr/ssl/cert

# OpenSSL x509-in signed.crt-noout-dates

Change it to the directory where you own the certificate, and change the certificate name to the name of the certificate on your own server. method Three: Use the PHP code method to view

If you have multiple domain names that you can access, it's much easier to use code to view them without a single manual view. The following code is attached:

/**
 * Obtain certificate validity
/Public Function getvalidity () {
	$domain = "sslforfree.com";
	$context = stream_context_create (Array ("SSL" => Array ("Capture_peer_cert_chain" => true));
	$socket = Stream_socket_client ("ssl://$domain: 443", $errno, $errstr, Stream_client_connect, $context);
	$context = Stream_context_get_params ($socket);
	foreach ($context ["Options"] ["SSL"] ["Peer_certificate_chain"] as $value) {
		//Use OpenSSL extensions to resolve certificates, use X509 certificate validation functions
		$cerInfo = Openssl_x509_parse ($value);
		if ($cerInfo [' name '], $domain) {
			echo  "Start:". Date ("y-m-d", $cerInfo [' validfrom_time_t ']). "Strpos <br/> ";
			echo "End:". Date ("y-m-d", $cerInfo [' validto_time_t ']);}}

Output content: start:2018-04-06
end:2018-07-05

The above $cerInfo a lot of information parameters, can be interested to print out to see.

The above describes several ways to view the expiration of SSL certificates, generally the most commonly used method is directly in the browser to view, convenient and quick.

Article source: Scatter a place, reprint please specify.