To check the expiration date of a TLS/SSL certificate from the command-line, you can use the openssl tool.
First, use the s_client command to connect to the server and retrieve the certificate:
openssl s_client -connect example.com:443
This will display the certificate and other information about the connection. To view just the certificate, you can use the -showcerts option:
openssl s_client -connect example.com:443 -showcerts
To view the expiration date of the certificate, you can use the x509 command to parse the certificate and display its details:
openssl x509 -in certificate.crt -text -noout
Replace certificate.crt with the path to the certificate file. The -text option displays the certificate in human-readable format, and the -noout option suppresses the output of the certificate data itself.
The expiration date of the certificate will be displayed in the Validity section, under the Not After field.
For more information on the openssl tool and its options, you can refer to the documentation or use the man command to view the manual pages.