# How to Determine Ssl Cert Expiration Date From a Pem Encoded Certificate?

To determine the SSL certificate expiration date from a PEM-encoded certificate, you can use the `openssl` command-line tool. Here's how to do it:

### Step 1: View the Certificate Information

Use the `openssl x509` command to display the details of the certificate, including the expiration date.

```bash
openssl x509 -in your_certificate.pem -noout -dates
```

- `in your_certificate.pem`: Specifies the input PEM file containing the certificate.
- `noout`: Prevents `openssl` from outputting the entire certificate.
- `dates`: Outputs the certificate's start (`notBefore`) and end (`notAfter`) dates.

### Example

If your PEM-encoded certificate is named `certificate.pem`, the command would be:

```bash
openssl x509 -in certificate.pem -noout -dates
```

### Expected Output

The command will output something like:

```bash
notBefore=Mar 20 12:00:00 2023 GMT
notAfter=Mar 20 12:00:00 2024 GMT
```

- **notBefore**: The date and time when the certificate becomes valid.
- **notAfter**: The date and time when the certificate expires.

### Step 2: Interpret the Dates

- The **notAfter** date tells you when the certificate will expire.
- Ensure that your system time is correctly set to avoid misinterpretation of the expiration date.

### Summary

By using the `openssl x509 -in your_certificate.pem -noout -dates` command, you can easily find the expiration date of your SSL certificate from a PEM-encoded certificate file.