TLS-01 / TLS & CERTIFICATES
SSL / TLS Certificate Checker
Inspect a website's TLS certificate: issuer, validity dates, days until expiry, protocol version, and every hostname it covers.
About the SSL / TLS Certificate
Your TLS certificate is what makes the padlock appear and encrypts traffic to your site. An expired or misconfigured certificate breaks trust and can take a site offline in browsers. This tool inspects a site's certificate: issuer, validity window, expiry countdown, and covered hostnames.
What this tool checks
It establishes a TLS connection, reads the presented certificate, and reports the subject, issuer, valid-from and valid-to dates, days remaining, negotiated protocol, and every hostname in the certificate.
Watch the expiry
Certificates expire, and an expired certificate produces a hard browser warning. This tool highlights certificates that are expired or expiring within three weeks so you can renew in time.
Frequently asked questions
How long are SSL certificates valid?
Publicly-trusted TLS certificates are now capped at around 398 days, and many are issued for 90 days. Automated renewal, such as with Let's Encrypt, is the norm.
What does 'certificate expired' mean?
The certificate's validity end date has passed, so browsers no longer trust it and show a security warning. Renew and reinstall the certificate to fix it.
What are SAN hostnames?
The Subject Alternative Name field lists every hostname a certificate is valid for. A certificate only secures the exact names listed there, including any wildcards.