find all certificate files in any centos directory using the expiry date filter

rmon
December 31, 2020
174 views
0 votes
2 Answers

Please, I need to find all certificate files in any directory in the centos box.

I tried the "find" with "exec" command and grep "not after". This display only the expiry dates of the certificates but I need to find the actual files too:

find /etc/  -type f -exec openssl x509 -in {} -noout -text ; |
grep -i  "not after"

what command could list the cert files with the content of their expiry dates too?

Answers

- anubhava
- December 31, 2020 at 7:22 pm
- 0 votes
0
You may use this find + awk:
```
while IFS= read -rd '' cert; do
   printf '%s :: ' "$cert"
   openssl x509 -in "$cert" -noout -text |
   awk -F ' *Not After : ' 'NF == 2 {print $2; exit}'
done < <(find /etc -type f -print0)
```
Login or Signup to reply.

A version with a helper-script:

cat /root/expiry.sh

#!/bin/bash
name=$1
expiry=$(openssl x509 -in $name -noout -text 2>/dev/null | grep -i "not after")
if [[  $PIPESTATUS -eq 0 ]]; then
    echo -e "${name}t${expiry}"
fi

Execute like so:

find /etc/  -type f -exec /root/expiry.sh "{}" ;
/etc/ssl/certs/ssl-cert-snakeoil.pem                Not After : Mar 30 22:59:59 2027 GMT
/etc/ssl/certs/ca-certificates.crt              Not After : Dec 31 09:37:37 2030 GMT

Please signup or login to give your own answer.

Click here to cancel reply.