Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
show lets encrypt certificates that are expired
unix_todate=$(date -d "${todate}" "+%s")
for pem in /etc/letsencrypt/live/*/cert.pem; do
if [ $(date --date="$(openssl x509 -enddate -noout -in "$pem"|cut -d= -f 2)" "+%s") -le $unix_todate ];
then
printf '%s: %s\n' \
"$(date --date="$(openssl x509 -enddate -noout -in "$pem"|cut -d= -f 2)" --iso-8601)" \
"$pem"
fi
done | sort
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment