You inspired me to cobble something together (it’s in Bash, sorry).
It’s a script that checks the certificate expiration date for a bunch of domains, then uses notify-send to send a notification for each domain that has a certificate that expires in 3 days or less. Then I made it run in a cronjob once per hour.
/home/user/scripts/network/cert-checker.sh
#!/bin/bash
# List of domains to check
DOMAINS="forum.elixirforum.com erlangforums.com hex.pm hexdocs.pm"
# # Log file (optional, for debugging)
# LOG_FILE="/tmp/cert_check.log"
for domain in $DOMAINS; do
exp_date=$(echo | openssl s_client -connect $domain:443 -servername $domain 2>/dev/null | openssl x509 -noout -enddate | cut -d= -f2)
# Check if we got a valid date
if [ -n "$exp_date" ]; then
exp_time=$(date -d "$exp_date" +%s) &&
current_time=$(date +%s) &&
diff_seconds=$((exp_time - current_time)) &&
diff_days=$((diff_seconds / 86400)) &&
diff_hours=$(((diff_seconds % 86400) / 3600)) &&
if [ $diff_days -le 3 ] && [ $diff_days -ge 0 ]; then
notify-send "Certificate Alert" "$domain expires in $diff_days days and $diff_hours hours"
# # Optional: log to file
# echo "$(date): $domain expires in $diff_days days and $diff_hours hours" >> $LOG_FILE
fi
fi
done
Make it executable with chmod +x /path/to/script, then add it to a cronjob to check the certs once per hour:
0 * * * * DISPLAY=:0 /home/user/scripts/network/cert-checker.sh
Seems to be working so far.
I put this together with a lot of help from the new Qwen3-Coder model.






















