Bhushan Kawadkar
Reputation: 28523
How to read tomcat SSL certificate expiration date
I am trying to read tomcat SSL/TLS certificate using Python shell and openssl but getting below error:
openssl x509 -in /opt/conf/.keystore -noout -dates
unable to load certificate
139716531042120:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:703:Expecting: TRUSTED CERTIFICATE
My SSL certificate type is ppk7. I have searched many posts but could not find answer.
If anyone can give me solution in python that is also fine.
Upvotes: 2
Views: 4911
Answers (1)
Bhushan Kawadkar
Reputation: 28523
I got a solution (don't know if this is correct or not). I have read server.xml in conf folder of tomcat and get https port as shown below
<Connector SSLEnabled="true"
URIEncoding="UTF-8"
........
........
port="9443" <!--https port-->
scheme="https"
secure="true"
sslProtocol="TLS"/>
used below shell command to read SSL certificate infor and save it in a file.
openssl s_client -connect MACHINE_HOST_NAME:SSL_PORT_NUMBER > /tmp/FILE_NAME.crt
then decode this file to read expiration date as below
openssl x509 -in /tmp/FILE_NAME.crt -noout -enddate
this produces output like below
notAfter=Aug 31 23:59:59 2019 GMT
similary you can read start date, issuer, serial number etc.
Upvotes: 3
Related Questions
- Python: how to get expired SSL cert date?
- How to determine SSL cert expiration date from a PEM encoded certificate?
- How to check expiry date of remote ssl certificates
- how to check SSL certificate expiration date programmatically in Java
- How to determine SSL cert expire date from the cert file itself(.p12)
- How to check a SSL certificate expiration date with aiohttp?
- Checking certificates expiration dates in java keystore
- How to fetch the SSL certificate to see whether it's expired or not
- Get .pfx Cert File Expiration with pyOpenSSL
- Checking the expiry dates of SSL certs