An OpenSSL command to retrieve the cert chain from a host and parse out the CN and expiry info
[lisa@linux05 ~]# openssl s_client -connect 10.5.5.75:443 -servername lisa.rushworth.us -showcerts </dev/null 2>/dev/null | sed -n ‘/BEGIN CERTIFICATE/,/END CERTIFICATE/p’ | openssl x509 -noout -subject -startdate -enddate -nameopt RFC2253
subject=CN=lisa.rushworth.us
notBefore=Sep 2 03:28:34 2025 GMT
notAfter=Dec 1 03:28:33 2025 GMT












