openssl binary replaced with golang crypto/x509 library

main.go

@@ -4,8 +4,11 @@ import (
 	"bufio"
 	"bytes"
 	"context"
+	"crypto/x509"
 	"encoding/json"
+	"encoding/pem"
 	"fmt"
+	"io/ioutil"
 	"net"
 	"net/http"
 	"os"
@@ -1263,16 +1266,21 @@ func getOvpnCaCertExpireDate() time.Time {
 	}
 
 	caCertPath := *easyrsaDirPath + "/pki/ca.crt"
-	caCertExpireDate := runBash(fmt.Sprintf("openssl x509 -in %s -noout -enddate | awk -F \"=\" {'print $2'}", caCertPath))
-
-	dateLayout := "Jan 2 15:04:05 2006 MST"
-	t, err := time.Parse(dateLayout, strings.TrimSpace(caCertExpireDate))
+	caCert, err := ioutil.ReadFile(caCertPath)
 	if err != nil {
-		log.Errorf("WARNING: can`t parse expire date for CA cert: %v\n", err)
+		log.Errorf("error read file %s: %s", caCertPath, err.Error())
+	}
+
+	certPem, _ := pem.Decode(caCert)
+	certPemBytes := certPem.Bytes
+
+	cert, err := x509.ParseCertificate(certPemBytes)
+	if err != nil {
+		log.Errorf("error parse certificate ca.crt: %s", err.Error())
 		return time.Now()
 	}
 
-	return t
+	return cert.NotAfter
 }
 
 // https://community.openvpn.net/openvpn/ticket/623