How to list all certificates


I have to check (all automatically) which certificate will expire soon and then generate it again. But how do I get a list of the certificates including the “notAfter” information. In the documentation ( I found
–header “X-Vault-Token: …”
–request LIST

but I don not understand the output. There are no names or so.

Any hint? Thanks!

1 Like

So far as I know, you only get the serial numbers and then have to do a read on each certificate record (and then read the cert itself) to get that info.

I think the intimation is that you shouldn’t be reacting to extended expiration windows and should be set up to expire everything quickly and tidy regularly.

I agree though, it’d be nice to get some metadata for when things aren’t behaving.

Trying to troubleshoot an explosion of certs and there’s not a great way of sifting through everything that’s there