#/bin/bash host=$1 port=443 end_date=`openssl s_client -servername $host -host $host -port $port -showcerts </dev/null 2>/dev/null | sed -n '/BEGIN CERTIFICATE/,/END CERT/p' | openssl x509 -text 2>/dev/null | sed -n 's/ *Not After : *//p'` if [ -n "$end_date" ] then end_date_seconds=`date '+%s' --date "$end_date"` # date指令format字符串时间。 now_seconds=`date '+%s'` echo "($end_date_seconds-$now_seconds)/24/3600" | bc fi
Save the above script in the check_ssl.sh file, and then execute sh check_ssl.sh www.baidu.com to check the validity period of the certificate
Pay attention to the -servername parameter, if there is no such parameter, it is to check the ip certificate