diff --git a/gen-aws-creds.sh b/gen-aws-creds.sh
index 95d4d87add651f4b8f18695d63038d4ceed7599a..c15beb2a3207be2a54380aa91b33c4949bcda021 100755
--- a/gen-aws-creds.sh
+++ b/gen-aws-creds.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-
+#set -x
 # Generates time-bound AWS credentials from vault secrets engine
 # stashes credentials in the vault token cubbyhole to avoid generating 
 # new credentials when previously generated creds have not expired
@@ -78,7 +78,8 @@ if [[ $vault_loggedon = 'TRUE' ]]; then
         # use date or gdate for linux/mac interop
         # gdate on mac: brew install coreutils
         now=$(date +%s 2>/dev/null) && expiration_u=$(date -d "$expiration" +%s 2>/dev/null) || {
-            now=$(gdate +%s) && expiration_u=$(gdate -d "$expiration" +%s) 
+            now=$(gdate +%s 2>/dev/null) && expiration_u=$(gdate -d "$expiration" +%s 2>/dev/null)  || 
+            now=$(date +%s 2>/dev/null) && expiration_u=$(date -j -f "%m/%d/%Y %H:%M:%S"  "$expiration" +%s 2>/dev/null)
         }
 
         # check if stashed creds have not expired
@@ -139,9 +140,9 @@ if [[ ( $creds_generated == 'TRUE' ) && ( $creds_get_new == 'TRUE' ) ]]; then
 
     # calc lease expiration time
     # use date or gdate for linux/mac interop
-    expiration=$(date --date="$request_time+ $lease_duration seconds" '+%m/%d/%Y %T' 2>/dev/null) || {
-        expiration=$(gdate --date="$request_time+ $lease_duration seconds" '+%m/%d/%Y %T') 
-    }
+    expiration=$(date --date="$request_time+ $lease_duration seconds" '+%m/%d/%Y %T' 2>/dev/null) || 
+        expiration=$(gdate --date="$request_time+ $lease_duration seconds" '+%m/%d/%Y %T' 2>/dev/null)  ||
+        expiration=$(date -j -f "%a %b %d %T %Z %Y"  -v+${lease_duration}S "$request_time" '+%m/%d/%Y %T' 2>/dev/null)
 
     if [[ ( $access_key ) && ( $secret_key ) ]]; then
         export AWS_SECRET_ACCESS_KEY=$secret_key