====== Checking a SSL Certificate ======
===== Prerequisite =====
To query certificates the openssl package has to be installed:
  openssl version –a
===== View the Full Certificate Details =====
To check the details of a particular certificate, run the following command. This OpenSSL command shows certificate expiry, subject, issuer, key details, and signature algorithm.
  openssl x509 -in mail.oscardegroot.nl.cer -text -noout
===== View the SSL Certificate Itself (Encoded) =====
OpenSSL allows you to view the SSL certificate in its original encoded format. Run the command below to display it:
<code>
$ echo | openssl s_client -servername google.com -connect www.google.com:443 2>/dev/null | openssl x509 
--------------------------------------------------------------
-----BEGIN CERTIFICATE-----
MIIOPDCCDSSgAwIBAgIQeJqX0U5Tc7gJCu11qI55eTANBgkqhkiG9w0BAQsFADBG
MQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExM
QzETMBEGA1UEAxMKR1RTIENBIDFDMzAeFw0yMzA4MDcxMjE2NDBaFw0yMzEwMzAx
......
hwJIJt0p+v/KtBb7R+9YWcK4kaW7ColdWx3pIneTZse0o+42x8HshHLwhNma5u6M
rXZNfOQmwIeD7gdNYyfdrJ78tJDZU7eJjhyYmsSD1SgHPwSefW3ZjOEaRdGhS2QU
-----END CERTIFICATE-----
</code>
===== Check SSL Certificate Validity =====
It’s important to know when the SSL certificate expires, so you can renew it in advance and avoid potential website outages and data breaches. Here’s how to check the SSL certificate expiration date in Linux:
<code>
$ echo | openssl s_client -servername oscardegroot.nl -connect www.oscardegroot.nl:443 2>/dev/null | openssl x509 -noout -dates
--------------------------------------------------------------
notBefore=Jul  1 00:56:57 2023 GMT
notAfter=Sep 29 00:56:56 2023 GMT
</code>