echo | openssl s_client -CApath /etc/openssl/certs -connect server.com:443 | openssl x509 -text

Just a little shell quickie for validating ssl certs.
Replace server.com with your real site and look for "Not After" for expiration.
To fix the "verify error:num=20:unable to get local issuer certificate" message you need to add the -CApath /etc/openssl/certs argument to s_client.