SSL Checker
Check SSL certificates
Frequently Asked Questions
How do I check if a website's SSL certificate is valid?
Enter the domain name. The tool connects via HTTPS and examines the SSL/TLS certificate. It checks: validity dates, issuer, subject, certificate chain, protocol version, cipher suite, and whether the certificate matches the domain name.
What does the SSL checker verify?
Certificate validity (not expired). Domain match (certificate covers the domain). Chain of trust (issued by a trusted CA). Protocol version (TLS 1.2/1.3). Key strength (2048+ bit RSA or 256+ bit ECC). HSTS header. Certificate transparency logs.
How do I know when my SSL certificate expires?
The tool shows the exact expiration date and days remaining. SSL certificates typically last 90 days (Let's Encrypt) or 1 year (commercial CAs). Set up monitoring to get alerts 30 days before expiry. Expired certificates cause browser security warnings.
What is the difference between TLS 1.2 and TLS 1.3?
TLS 1.3 (2018) is faster (1-RTT handshake vs 2-RTT) and more secure (removed weak ciphers, perfect forward secrecy mandatory). TLS 1.2 (2008) is still acceptable. TLS 1.0/1.1 are deprecated. The tool shows which versions the server supports.
What does "certificate chain incomplete" mean?
The server is not sending intermediate certificates. Browsers may still work (they can fetch intermediates), but some clients and tools will fail. Fix: configure your server to send the full chain (server cert + intermediate cert). The tool identifies missing chain links.