Before I found the
--keep-until-expiring option in the Let’s Encrypt command line client, I was thinking I’d have to parse the cert, extract the expiry date, then check it against the current date before returning True or False.
Thankfully I found the much easier option, but I decided to post the code I wrote to read the date just in case I need something like it in the future.
from datetime import datetime
from OpenSSL import crypto as c
cert = c.load_certificate(c.FILETYPE_PEM, file(‘/etc/letsencrypt/live/<domain>/cert.pem’).read())