Linux TLS/SSL certificate expiration

Description

Check for expiring TLS certificates on Linux hosts by advancing the system clock forward one day, one week, and one month. Detect certificates that will expire before they cause outages.

What this Scenario does

This Scenario advances the system clock on your Linux hosts forward by one day, one week, and one month. This triggers certificate validation logic and reveals any TLS/SSL certificates that will expire within those time windows—without waiting for them to actually expire.

Why run this Scenario?

  • Proactively identify expiring certificates on Linux infrastructure before they cause production outages.
  • Test certificate rotation automation on Linux systems, including Certbot and ACME integrations.
  • Verify that monitoring detects upcoming certificate expirations on your Linux hosts.
  • Validate that NTP synchronization recovers correctly after the time shift on Linux.

Expected outcome

If a TLS certificate expires without renewal, the service on the Linux host fails gracefully and alerts trigger immediately.

Target
Linux
Linux
Microsoft Windows
Windows
Experiments
Time Travel
Time Travel
Preview
Estimated runtime:  
5 minutes