An expired TLS certificate is one of the most embarrassing — and preventable — outages in software engineering. It doesn't announce itself in advance. It just silently breaks your HTTPS handshake at 2 AM, taking down your API, your dashboard, or your customer portal with it. pkiwatch-py is the Python library and CLI I built to make sure that never happens on your watch. What pkiwatch-py Does pkiwatch-py gives engineers a fast, scriptable way to inspect TLS certificates across enterprise endpoints — tracking expiry dates, issuer chains, and compliance posture without requiring a full-blown monitoring platform. It's designed to fit naturally into CI/CD pipelines, cron jobs, Cloud Scheduler triggers, and operational runbooks.…