First you will need to translate the pkcs12 certificate into a PEM certificate.
The PEM certificate is only needed temporarily and can later be removed.
$ openssl pkcs12 -in certificate.p12 -out tempcrt.pem Enter Import Password: MAC verified OK Enter PEM pass phrase: Verifying - Enter PEM pass phrase:
Now, we use the tempcrt.pem that we generated to determine the expiration date. The first method, which only displays the expiration date can be retrieved like this:
$ openssl x509 -in tempcrt.pem -noout -enddate notAfter=Jan 3 23:19:24 2009 GMT
The second method which includes a lot more detail about the certificate below, I’ve only included the details relevant to the creation and expiration dates.
$ openssl x509 -in tempcrt.pem -noout -text [ ... snip ... ] Validity Not Before: Jan 3 23:19:24 2008 GMT Not After : Jan 3 23:19:24 2009 GMT [ ... snip ... ]