The problem
Developers and ops teams get blindsided by expired SSL certificates because checking expiry requires remembering a multi-flag openssl s_client command and parsing its dense output — so certs get forgotten until the site goes red.
If you've hit this before, you know how it goes — you Google the openssl command, squint at wall-of-text output, and compute the expiry date by hand. Or you just forget until monitoring fires.
As a solution, I created cert-peek
Check SSL certificate expiry and details for any domain in seconds from your terminal
It's zero-dependency Node.js, so you can run it immediately without installing anything:
npx cert-peek github.com
Output:
$ npx cert-peek github.com
Domain: github.com
Issuer: DigiCert Inc
Valid from: 2025-03-12
Expires: 2026-03-12
Status: OK -- 303 days remaining
Check multiple domains at once:
npx cert-peek google.com stripe.com myproductionsite.com
Use in CI as a pre-flight check (exits 1 if any cert expires within 30 days):
npx cert-peek myproduction.site || echo 'WARNING: cert expiring soon'
How it works
Pure Node.js using the built-in tls module — no dependencies. Opens a raw TLS socket to port 443, calls getPeerCertificate(), parses validity dates, and computes days remaining. Color-coded output and a non-zero exit code make it CI-friendly.
Why I built it
Found repeated threads on r/devops and r/webdev where engineers asked how to quickly check cert expiry without a monitoring service. The openssl command is hard to remember, and popular npm packages like ssl-checker require installation and have dependencies. A zero-dep npx tool that prints a clean one-screen summary fills a genuine daily-use gap for both local dev and CI pre-flight checks.
Try it
npx cert-peek --help
Part of µ micro — one new developer CLI tool, shipped every day. All tools are zero-dependency Node.js and run instantly with npx.
Top comments (0)