Skip to content
Security Tools

SSL Checker

Check SSL certificate details for any domain: issuer, expiry, chain.

100% client-side: your files never leave your browser

Fetches certificate transparency logs from crt.sh

SSL/TLS (Secure Sockets Layer / Transport Layer Security) encrypts communication between a client and server. When you connect to a website via HTTPS, the server presents a certificate that your browser verifies.

Certificate Authority (CA): A trusted third party that signs and issues SSL certificates. Browsers maintain a list of trusted CAs.

Certificate Chain: Your certificate is signed by an intermediate CA, which is signed by a root CA. The browser verifies this chain of trust.

  • Expired certificates cause browser warnings
  • Domain name mismatch (cert doesn't match the URL)
  • Self-signed certificates not trusted by browsers
  • Missing intermediate certificates in the chain
  • Weak cipher suites or outdated TLS versions
  • Use TLS 1.2 or higher (prefer TLS 1.3)
  • Automate certificate renewal (e.g., Let's Encrypt)
  • Enable HSTS (HTTP Strict Transport Security)
  • Use strong cipher suites (AES-256-GCM, ChaCha20)
  • Implement Certificate Transparency monitoring
  • Set up OCSP stapling for faster verification