Security

How to check the expiration date of a certificate?

leirga11
New Member

We encountered some error on default certificates that are expiring. WE renewed the certificates but now we want to know if there is a command to check when will a certificate expire. I tried this command:

/opt/splunk/bin/openssl x509 -enddate -noout -in /opt/splunk/etc/auth/server.pem

However, I am getting message:

/opt/splunk/bin/openssl: error while loading shared libraries: libssl.so.1.0.0: cannot open shared object file: No such file or directory

Thanks in advance.

Labels (1)
0 Karma

ChristophR
Explorer

As others have pointed out, the openssl library can of course be used.  But, if you wanted to specifically hit the openssl binary from Splunk:

 

 

/opt/splunk/bin/splunk cmd openssl x509 -enddate -noout -in <PATH TO CERTIFICATE>

 

 

0 Karma

SierraX
Communicator

If you want to use the Splunk internal openssl, you have to source setSplunkEnv first. To `source` something in linux you can use the command source or like in my example a . (dot)

$: which openssl
/bin/openssl
$: . /opt/splunk/bin/setSplunkEnv
Tab-completion of "splunk <verb> <object>" is available.
$: which openssl
~/bin/openssl



0 Karma

PavelP
Motivator

Hello @leirga11

Update: you can just use the system's version of openssl (without /opt/splunk/bin/ 😞

openssl x509 -noout -text -in /opt/splunk/etc/auth/server.pem

is this a tgz splunk setup? Check that a corresponding libssl file present. Use strace -e open to check which files are being opened.

ldd - print shared library dependencies

$ ldd /opt/splunk/bin/openssl
        linux-vdso.so.1 =>  (0x00007ffe6c3c4000)
        libssl.so.1.0.0 => /opt/splunk/lib/libssl.so.1.0.0 (0x00007f7a76613000)
        libcrypto.so.1.0.0 => /opt/splunk/lib/libcrypto.so.1.0.0 (0x00007f7a7618c000)
        libdl.so.2 => /lib64/libdl.so.2 (0x00007f7a75f88000)
        libz.so.1 => /opt/splunk/lib/libz.so.1 (0x00007f7a765ee000)
        libc.so.6 => /lib64/libc.so.6 (0x00007f7a75bba000)
        /lib64/ld-linux-x86-64.so.2 (0x00007f7a76469000)

openssl - expected behaviour:

$ /opt/splunk/bin/openssl x509 -noout -text -in /opt/splunk/etc/auth/server.pem
Certificate:
    Data:
        Version: 1 (0x0)
        Serial Number:
            bf:66:ed:f8:8d:d2:74:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, ST=CA, L=San Francisco, O=Splunk, CN=SplunkCommonCA/emailAddress=support@splunk.com
        Validity
            Not Before: Feb  8 13:40:25 2020 GMT
            Not After : Feb  7 13:40:25 2023 GMT
...

strace - trace system calls and signals

$ strace -e open /opt/splunk/bin/openssl x509 -noout -text -in /opt/splunk/etc/auth/server.pem
open("/opt/splunk/lib/tls/x86_64/libssl.so.1.0.0", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
open("/opt/splunk/lib/tls/libssl.so.1.0.0", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
open("/opt/splunk/lib/x86_64/libssl.so.1.0.0", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
open("/opt/splunk/lib/libssl.so.1.0.0", O_RDONLY|O_CLOEXEC) = 3
open("/opt/splunk/lib/libcrypto.so.1.0.0", O_RDONLY|O_CLOEXEC) = 3
Get Updates on the Splunk Community!

New in Observability - Improvements to Custom Metrics SLOs, Log Observer Connect & ...

The latest enhancements to the Splunk observability portfolio deliver improved SLO management accuracy, better ...

Improve Data Pipelines Using Splunk Data Management

  Register Now   This Tech Talk will explore the pipeline management offerings Edge Processor and Ingest ...

3-2-1 Go! How Fast Can You Debug Microservices with Observability Cloud?

Register Join this Tech Talk to learn how unique features like Service Centric Views, Tag Spotlight, and ...