You can look at the details of the certificate by adding the name you gave the certificate after that type of cert your looking at. See example below.
(ARUBA-MC01) [MDC] *#show crypto-local pki trustedCA InCommon-Root
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:fd:6d:30:fc:a3:ca:51:a8:1b:bc:64:0e:35:03:2d
Signature Algorithm: sha384WithRSAEncryption
Issuer: C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority
Validity
Not Before: Feb 1 00:00:00 2010 GMT
Not After : Jan 18 23:59:59 2038 GMT
Subject: C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (4096 bit)
Modulus:
00:80:12:65:17:36:0e:c3:db:08:b3:d0:ac:57:0d:
76:ed:cd:27:d3:4c:ad:50:83:61:e2:aa:20:4d:09:
2d:64:09:dc:ce:89:9f:cc:3d:a9:ec:f6:cf:c1:dc:
f1:d3:b1:d6:7b:37:28:11:2b:47:da:39:c6:bc:3a:
19:b4:5f:a6:bd:7d:9d:a3:63:42:b6:76:f2:a9:3b:
(ARUBA-MC01) [MDC] *#show crypto-local pki trustedCA InCommon-Root | include "Not After"
Not After : Jan 18 23:59:59 2038 GMT
------------------------------
Dustin Burns
------------------------------
Original Message:
Sent: Mar 30, 2021 08:14 PM
From: Bradley Marshall
Subject: Certificate Expiration Inventory Automation for Aruba Controllers/APs
Hey Folks,
If we have hundreds of controllers and thousands of APs - how are we supposed to create an automated inventory so renewals can be planned well ahead of time through the year along with hundreds of other renewals we plan.
The CLi commands below do not even include the expiration date - you have to manually click through a GUI? What is the enterprise solution to this problem? An SNMP trap 60 days until expiration is not enough due to annual planning of thousands of certificates across many vendors for lifecycle management.
(NodeName) *#show crypto-local pki
allow-low-assurance-d.. Show low-assurance-devices config status
CRL Show Certificate Revocation List
crl-stats Show CRL requests stats
IntermediateCA Show an intermediate CA certificate
ocsp-client-stats Show OCSP client stats
OCSPResponderCert Show a OCSP Responder certificate
OCSPSignerCert Show a OCSP Signer certificate
PublicCert Show a public certificate
rcp Show revocation check point
ServerCert Show a server certificate
service-ocsp-responder Show OCSP Responder service status
TrustedCA Show a trusted CA certificate
(NodeName) *#show crypto-local pki TrustedCA
Certificates
------------
Name Original Filename Reference Count Expired
-------------- ----------------- --------------- -------
XYZPROD xyz.cer 3 No
XYZ01 XYZ01.cer 0 No
------------------------------
Bradley Marshall
------------------------------