For the last several months, I have been working with customers as they upgrade their SDDCs. One of the more impactful Day 2 activities that occurs during these upgrades is a the updating of vCenter and NSX certificates during Phase 1. During my time as an Engineer, we would keep certificates for 3-5 years as a part of our lifecycle management as we were 100% on premises. In contrast, many cloud providers are beginning to set certificate expiration to one year. This a faster rate of change than what many are accustomed to who manage on premises datacenters. While VMC manages these SDDC certs for you, many customers have asked me how they can continue to pull the cert expiration info so it can still be documented internally. Here is a simple openSSL command that can be run via Github. Trying something new!! FYI, this command needs to be run via a Linux VM that can access vCenter via IP or FQDN. Hope this helps some of you!!