diff --git a/.github/workflows/monokle-publish.yml b/.github/workflows/monokle-publish.yml index eecf325db3..6a69addf0d 100644 --- a/.github/workflows/monokle-publish.yml +++ b/.github/workflows/monokle-publish.yml @@ -36,6 +36,14 @@ jobs: run: | brew install jq + - name: Check MacOS certs expiration + run: | + ls -la + chmod +x .github/workflows/scripts/check-osx-cert-exp.sh && .github/workflows/scripts/check-osx-cert-exp.sh + env: + CERTIFICATE_OSX_APPLICATION: ${{ secrets.MONOKLE_MACOS_CERTS }} + CERTIFICATE_PASSWORD: ${{ secrets.MONOKLE_MACOS_CERTS_PASSWORD }} + - name: Add MacOS certs run: | ls -la diff --git a/.github/workflows/scripts/check-osx-cert-exp.sh b/.github/workflows/scripts/check-osx-cert-exp.sh new file mode 100644 index 0000000000..88d0f10855 --- /dev/null +++ b/.github/workflows/scripts/check-osx-cert-exp.sh @@ -0,0 +1,22 @@ +#!/usr/bin/env sh + +KEY_CHAIN=build.keychain +CERTIFICATE_P12=certificate.p12 + +# Recreate the certificate from the secure environment variable +echo $CERTIFICATE_OSX_APPLICATION | base64 --decode > $CERTIFICATE_P12 + +# Get expiration date of the certificate +CERT_EXPIRATION_DATE=$(openssl pkcs12 -in certificate.p12 -passin pass:$CERTIFICATE_PASSWORD -nokeys | openssl x509 -noout -enddate | cut -d= -f2) +echo "Certificate expires on: $CERT_EXPIRATION_DATE" + +# Compare the expiration date with the current date +CERT_EXPIRATION_DATE=$(date -j -f "%b %d %T %Y %Z" "$CERT_EXPIRATION_DATE" +"%Y-%m-%d") +CURRENT_DATE=$(date +"%Y-%m-%d") + +if [[ "$CURRENT_DATE" > "$CERT_EXPIRATION_DATE" ]]; then + echo "The certificate has expired." + exit 1 +else + echo "The certificate is valid." +fi
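Review bot: The new "Check MacOS certs expiration" step runs `ls -la` and a run-time `chmod +x` before calling the script. The listing looks like leftover debugging, and the chmod is only needed because the script is added with mode 100644. Invoking it through an interpreter, `run: bash .github/workflows/scripts/check-osx-cert-exp.sh`, removes both lines and also makes the script's `[[ ... ]]` test well-defined regardless of what `sh` resolves to on the runner. Keeping the two secrets in this step's own `env:` is the right scope. The job definition continues outside the hunk, so any runner or condition constraints on this step are not visible here.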
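Review bot: The script decodes the signing bundle to `certificate.p12` in the checkout directory and never removes it, and it passes the password as `-passin pass:$CERTIFICATE_PASSWORD`. The private key material therefore stays in the workspace for the rest of the job, and the password sits in openssl's argument list while it runs. A `mktemp` path removed by a `trap`, plus `-passin env:CERTIFICATE_PASSWORD`, avoids both. There is also no `set -e`, so a failed decode or a wrong password leaves `CERT_EXPIRATION_DATE` empty and the string comparison then prints "The certificate has expired.", which misreports the failure. Under a non-bash `sh`, the `[[` test would fail and fall through to "The certificate is valid.". `KEY_CHAIN` is defined but unused, and `openssl x509 -checkend 0` can replace the BSD-only `date -j` parsing.

```shell
#!/usr/bin/env bash
set -euo pipefail

# Private temp file, removed on every exit path
CERTIFICATE_P12=$(mktemp)
trap 'rm -f -- "$CERTIFICATE_P12"' EXIT

# Recreate the certificate from the secure environment variable
printf '%s' "$CERTIFICATE_OSX_APPLICATION" | base64 --decode > "$CERTIFICATE_P12"

# Password is read from the environment, not passed on the command line
CERT_PEM=$(openssl pkcs12 -in "$CERTIFICATE_P12" -passin env:CERTIFICATE_PASSWORD -nokeys)
CERT_EXPIRATION_DATE=$(printf '%s\n' "$CERT_PEM" | openssl x509 -noout -enddate | cut -d= -f2)
echo "Certificate expires on: $CERT_EXPIRATION_DATE"

# -checkend 0 exits non-zero once the certificate is past its end date
if ! printf '%s\n' "$CERT_PEM" | openssl x509 -noout -checkend 0 >/dev/null; then
  echo "The certificate has expired."
  exit 1
fi
echo "The certificate is valid."
```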