Visit Our UNIX and Linux User Community


Keytool command to check expiration dates of certificates


 
Thread Tools Search this Thread
Operating Systems Solaris Keytool command to check expiration dates of certificates
# 1  
Old 09-16-2013
Keytool command to check expiration dates of certificates

Friends,

I'm in search of a keytool command which pulls the expiration dates of certificates in keystore. I have around 200 certs in my keystore, so would like to know if we have any script/command which can pull expiration dates of certificates at one run.
# 2  
Old 09-16-2013
You can loop through keytool extracting each cert, then pass that to the STDIN of:
Code:
openssl x509 -checkend $seconds

This will exit 0 if it is not going to expire within the next $seconds and exit 1 if it will.
# 3  
Old 09-16-2013
hey Dragon,

I was able to figure out this command which lists out the certificate information. Depending on this can you advise me a "grep" command or any other command which can sort these results and pull only the certificates which are going to expiry this month(Sep,2013) and corresponding alias name.

Command:
Code:
keytool -list -v -keystore cas_truststore.jks

Sample output:
Code:
Alias name: xxxxxx
Creation date: xxxxxx, 2013
Entry type: trustedCertEntry

Owner: CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="(c) 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
Issuer: CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="(c) 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
Serial number: xxxxxxxx
Valid from: Wed Nov 08 00:00:00 GMT 2006 until: Wed Jul 16 23:59:59 GMT 2036


Last edited by Scott; 09-17-2013 at 12:15 AM.. Reason: Code tags
# 4  
Old 12-17-2013
i use it like this:
Code:
keytool -list -v -alias <alias> -keystore <keystore> -storepass <passwd> | grep "Valid from:"


Last edited by bartus11; 12-17-2013 at 07:15 PM.. Reason: Please use code tags

Previous Thread | Next Thread
Test Your Knowledge in Computers #180
Difficulty: Medium
The Apple II was invented by Steve Jobs.
True or False?

9 More Discussions You Might Find Interesting

1. Programming

Question regarding keytool

I first generated jks using keytool -genkey -alias keyAlias-keyalg RSA -keypass changeit -storepass changeit keystore keystore.jksThen i generated the csr using keytool -certreq -alias $addr -sigalg SHA256withRSA -keystore $addr.jks -file $addr.csr Below is how i self sign and generate the... (0 Replies)
Discussion started by: mohtashims
0 Replies

2. Shell Programming and Scripting

How to enforce interactive keytool?

i am reading line by line from a file as below while IFS= read -r var do ... ... ... done < "hello.txt" I added the keytool command in the do while loop as below. while IFS= read -r var do ... keytool -genkey -alias $fname -keyalg RSA -keystore $fname.jks -keysize 2048 ... done... (3 Replies)
Discussion started by: mohtashims
3 Replies

3. HP-UX

How to check password expiration date of particular user?

Hi Guys, I am new to HP-UX and want to find expiration date of particular user please also note i don't have root access on that server. for e.g. i have user abc on my HP box and want to know when its password going to expire and also when its password changed last time. I also try to... (7 Replies)
Discussion started by: Yasin Rakhangi
7 Replies

4. Shell Programming and Scripting

Script to check Digital Certificates Expiration

Hi All, I have certificates that are being used in my current Project and all the Certificates are of extension ( .pfx - Identities , .cert - trusted certificates etc). All these certificates will expire in some other time. Can someone help me out in providing a script that is used to check the... (0 Replies)
Discussion started by: manukonda0102
0 Replies

5. Shell Programming and Scripting

UNIX Script to Check the Certificates

Hi All, Warm New Year Wishes to every one I am New to UNIX and i don't have much Experience on UNIX Scripting, so can someone help me out on below Request I have Digital certificates that are being used in My current project. All these Certificates are of Extensions (.cert and .pfx)... (1 Reply)
Discussion started by: manukonda0102
1 Replies

6. Cybersecurity

expiration of SSL Certificates

Does anyone know how to extract the expiration date of a Solaris 9 certificate? I have searched over the 'net and it seems this command ssl-cert-check comes up often but this does not work on my servers. Not sure how to extraxt the expiration dates of the SSL Certs so if anyone can help that would... (2 Replies)
Discussion started by: bluridge
2 Replies

7. AIX

Check the backup dates on Tape

Hi all I am using IBM machines with tape drive, what i do is go to informis and i insert the tape and run the command "ontape -s -L " and the level of backup that i want to take. Now what i want to check is which days are the backup being run, does the system create a log and stores info where... (0 Replies)
Discussion started by: masquerer
0 Replies

8. UNIX for Advanced & Expert Users

How do I check file dates on remote machines

Hi .. I want to check the date for one file which is present on the remote machine. How do i do that?? Also if i'm only having the sudo rights .. can i do that with my login or do i need all the access rights?? Please let me know asap. (3 Replies)
Discussion started by: decci_7
3 Replies

9. UNIX for Dummies Questions & Answers

Expiration dates of accounts' passwords ?

Hi How do I view/set the expiration dates of the accounts passwords in my FreeBSD ? Thanks in advance (1 Reply)
Discussion started by: sbayeta
1 Replies

Featured Tech Videos