Today I wanted to check the notBefore and notAfter validity dates of an SSL cert installed on a remote server.

I immediately wondered if there was an easy way to use the OpenSSL command line tool to accomplish this.

And there is - you just have to pass the output of openssl s_client to openssl x509, and away you go:

echo |\
  openssl s_client -connect www.google.com:443 2>/dev/null |\
  sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' |\
  openssl x509 -noout -subject -dates

That command should print the subject, notBefore, and notAfter dates of the certificate used by www.google.com:

subject= /C=US/ST=California/L=Mountain View/O=Google Inc/CN=www.google.com
notBefore=Jul 12 08:56:36 2013 GMT
notAfter=Oct 31 23:59:59 2013 GMT

I picked up the specifics of how to do this over at the very useful OpenSSL Command-Line HOWTO site. It's worth reading in depth.