How to check the expiration date of a certificate?

New Member

We encountered some error on default certificates that are expiring. WE renewed the certificates but now we want to know if there is a command to check when will a certificate expire. I tried this command:

/opt/splunk/bin/openssl x509 -enddate -noout -in /opt/splunk/etc/auth/server.pem

However, I am getting message:

/opt/splunk/bin/openssl: error while loading shared libraries: cannot open shared object file: No such file or directory

Thanks in advance.

Labels (1)
0 Karma


If you want to use the Splunk internal openssl, you have to source setSplunkEnv first. To `source` something in linux you can use the command source or like in my example a . (dot)

$: which openssl
$: . /opt/splunk/bin/setSplunkEnv
Tab-completion of "splunk <verb> <object>" is available.
$: which openssl

0 Karma


Hello @leirga11

Update: you can just use the system's version of openssl (without /opt/splunk/bin/ 😞

openssl x509 -noout -text -in /opt/splunk/etc/auth/server.pem

is this a tgz splunk setup? Check that a corresponding libssl file present. Use strace -e open to check which files are being opened.

ldd - print shared library dependencies

$ ldd /opt/splunk/bin/openssl =>  (0x00007ffe6c3c4000) => /opt/splunk/lib/ (0x00007f7a76613000) => /opt/splunk/lib/ (0x00007f7a7618c000) => /lib64/ (0x00007f7a75f88000) => /opt/splunk/lib/ (0x00007f7a765ee000) => /lib64/ (0x00007f7a75bba000)
        /lib64/ (0x00007f7a76469000)

openssl - expected behaviour:

$ /opt/splunk/bin/openssl x509 -noout -text -in /opt/splunk/etc/auth/server.pem
        Version: 1 (0x0)
        Serial Number:
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, ST=CA, L=San Francisco, O=Splunk, CN=SplunkCommonCA/
            Not Before: Feb  8 13:40:25 2020 GMT
            Not After : Feb  7 13:40:25 2023 GMT

strace - trace system calls and signals

$ strace -e open /opt/splunk/bin/openssl x509 -noout -text -in /opt/splunk/etc/auth/server.pem
open("/opt/splunk/lib/tls/x86_64/", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
open("/opt/splunk/lib/tls/", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
open("/opt/splunk/lib/x86_64/", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
open("/opt/splunk/lib/", O_RDONLY|O_CLOEXEC) = 3
open("/opt/splunk/lib/", O_RDONLY|O_CLOEXEC) = 3
Get Updates on the Splunk Community!

This Week's Community Digest - Splunk Community Happenings [9.26.22]

Get the latest news and updates from the Splunk Community here! Upcoming User Group Events! &#x1f44f; Check ...

BSides Splunk 2022 - The Call for Papers is now Open!

TLDR; Main Site: CFP Site: CFP Opens: December 15th, ...

Sending Metrics to Splunk Enterprise With the OpenTelemetry Collector

This blog post is part of an ongoing series on OpenTelemetry. The OpenTelemetry project is the second largest ...