All Collections
SIEM
How to check your keystore.p12 expiry date on Windows
How to check your keystore.p12 expiry date on Windows

In this guide we'll take you through the steps to check the expiry of your keystore.p12 file on Windows.

Alan Butcher avatar
Written by Alan Butcher
Updated over a week ago

If your collector stops logging into our SIEM platform we may ask you to check the expiry date of your Keystore certificate. This certificate ensures a secure connection between your collector and our SIEM platform. Without this, we won't be able to receive any logs from your collector.

  1. First, we need your keystore password, this will be found in your 90-output.conf file which should be in the default location:

    C:\Program Files\logstash\config\pipeline\

  2. Make a note of the password displayed on the following line:

    ssl_keystore_password => ""

  3. Launch Command Prompt by pressing Windows Key + R to open the Run window.

    Type cmd and press Enter.

  4. Run the following command:

    certutil -dump keystore.p12

  5. You will be asked to enter the password you made a note of in Step 2.

  6. The certutil command will display detailed information about the certificates in the .p12 file, including their expiration dates.

  7. Look for the section that corresponds to your certificate, and you'll find the NotAfter field, which indicates the expiration date of the certificate.

    ================ Certificate 0 ================ 
    ... 
    NotAfter: MM/DD/YYYY HH:MM:SS AM/PM

    That's it! πŸŽ‰ You now have the expiry date of your keystore.p12 file.

Did this answer your question?