Check SSL certificate expiry with PHP and curl

Today I wanted to create a simple way to check the expiry date of my SSL certificates to avoid getting hit by unexpected error messages in the browser (although I’m using Lets Encrypt auto-renew features, I sometimes get a container with an expired certificate). I’m already using CachetHQ as my statuspage with a custom PHP script that I run on an old webspace without any other scripting features.

So, I went ahead and created this abomination of a script to give me a simple JSON output with all my URLs and their expiry in days:

<?php
header('Content-Type: application/json');

$urls = array("https://url1" => -1, "https://url2" => -1);

foreach ($urls as $url => $expiry) {
	$ch = curl_init();
	curl_setopt($ch, CURLOPT_URL, $url);
	curl_setopt($ch, CURLOPT_CONNECT_ONLY, true);
	curl_setopt($ch, CURLOPT_CERTINFO, true);
	curl_exec($ch);
	$certInfo = curl_getinfo($ch, CURLINFO_CERTINFO);
	curl_close($ch);
	$expiryDate = date_create_from_format("M d H:i:s Y T", $certInfo[0]['Expire date']);
	$expiry = $expiryDate-&gt;diff(new DateTime())->days;
	$urls&#91;$url] = $expiry;
}

print(json_encode($urls));

The output looks something like this:

{"https:\/\/url1":66,"https:\/\/url2":59}

Because it’;s getting late on an already long day, I’ll leave it at this and think about integrating it into my CachetHQ setup on another day.

Maybe it helps out when you’re looking for a simple thing to play with though.

Update I have now integrated the check into my script and will get notified before any certificate expires. I have 57 days until this happens for one of the certificates.

• php