Home Tools SSL Certificate Checker

SSL Certificate Checker

Check any domain's TLS certificate — expiry, issuer, chain integrity, hostname coverage, and key strength. Equivalent to openssl s_client -connect domain:443 but readable.

Real TLS handshake — not cached Results in seconds No domain data stored
Try:
Enter a valid domain (e.g. example.com)
Connecting and reading certificate…
Security Analysis
Issued To
Certificate Authority
Days Remaining
Valid From
Expires On
Key Type & Strength
Covered Domains (Subject Alternative Names)
Certificate Chain
TLS Certificate — Validation Checklist
CheckRequirementBrowser error if failed
ExpiryCertificate within notBefore / notAfter validity periodERR_CERT_DATE_INVALID
HostnameDomain listed in Subject Alternative Names (SAN extension, RFC 5280)ERR_CERT_COMMON_NAME_INVALID
ChainLeaf + intermediate CA(s) served — root CA trusted by browserERR_CERT_AUTHORITY_INVALID
Key strengthRSA ≥ 2048-bit or ECDSA ≥ 256-bit (P-256 / P-384)Certificate flagged as weak
Sig algorithmSHA-256 or better — SHA-1 deprecated since 2016 (CA/B Forum)Rejected by Chrome / Firefox
CT loggingCertificate Transparency log entry (SCT) — mandatory since 2018ERR_CERTIFICATE_TRANSPARENCY_REQUIRED