Ignore certificates which are not present in 'pki/issued' sub-dir.
This includes certs moved to expired, renewed or revoked sub-dirs. These can all be ignored because their validitiy is irrelevant. (Ignore serial number mismatches as irrelevant)
Drop all use of 'date' binary.
Only use OpenSSL format modifiers to control date format.
Try to use ISO8601 date format, as of OpenSSL v3.
Otherwise, fallback to default certificate date format.
Major simplification for command 'show-expire'.
This includes certs moved to expired, renewed or revoked sub-dirs. These can all be ignored because their validitiy is irrelevant. (Ignore serial number mismatches as irrelevant)
Only use OpenSSL format modifiers to control date format.
Otherwise, fallback to default certificate date format.