Openssl is an open source implementation SSL protocol. It is widely used and it has different functions which allows you to check CSR, Certificate and it’s expiry.
Here are some basic open commands which will be useful when you are dealing with certificate or anything related to that.
To decode certificate.
[root@server ~]# openssl x509 -in certificate.crt -text -noout
Check Expiry Date of Certificate Using OpenSSL command
[root@server ~]# cat certificate.crt | openssl x509 -noout -enddate
How to see if Certificate and a Private Key match.
Compare the output from both commands. If they are identical then the private key matches the certificate.
openssl pkey -in privateKey.key -pubout -outform pem | sha256sum openssl x509 -in certificate.crt -pubkey -noout -outform pem | sha256sum
Above are the most basic Operations and Widely used. Do let me know if you want us to add more here. So you can refer here.