Possible to extract certificate expiration date?

Dear all =)

Is it possible to get the expiration date from a certificate that is stored in Vault?

The situation is we have 100+ certs in Vault, and it would be very useful to be have a script that would go through all the certs then print out the expiration date.

Is that possible?

Sandra =)

Are they stored in the kv secrets engine or pki? I think in either case, the engines don’t have features to give you exactly what you want without additional processing, but it would be interesting as part of the wider context and motivation. For extracting all the expiry dates, I think your best bet would be a bash script with a for loop over all the certificates and some processing of the outputs with openssl or similar.

1 Like