Free SSL Checker

Enter any domain to instantly check its SSL/TLS certificate. View expiration date, issuer, subject alternative names (SANs), and full certificate chain status — no login required.

This tool is crafted by Authgear
Support and star us on

More Developer Tools

JWT & JWE Debuger
JWK Generator
HMAC Tool
SAML Testing Tool
TOTP Authenticator
Password Hash Generator
Base64 Decode and Encode
UUID v7 Generator & Timestamp Extractor
Certificate Details Inspection
View detailed SSL certificate information for any HTTPS domain, including subject, issuer, validity period, subject alternative names (SANs), fingerprints, and other technical attributes.
Certificate Chain Status
Verify whether the certificate chain is complete and trusted. Quickly check chain validity, trusted root status, and the total number of certificates in the chain.
Certificate Chain Visualization
Inspect the full certificate hierarchy from the leaf certificate (your domain) through intermediate certificates to the root certificate authority.

How the Tool Works

Step 1.
Enter a website URL (for example: https://www.authgear.com/) and click Inspect.
Step 2.
Retrieve certificate information. The tool connects to the server and fetches the SSL/TLS certificate presented by the website.
Step 3.
Review certificate details and chain. The results display certificate metadata, chain status, and the full certificate hierarchy.

Ready to Add HTTPS and Authentication to Your App?

Authgear is an authentication platform that handles login, MFA, SSO, and session management for your app, so your team doesn't have to build it from scratch.

Get Started for Free

What Is an SSL Certificate?

An SSL certificate (more accurately a TLS certificate — SSL is the older name that stuck) enables encrypted HTTPS communication between a user's browser and a web server. It does two things:

Encryption — scrambles data in transit so it can't be read by anyone intercepting the connection.

Identity verification — proves that the server you're connecting to is actually who it claims to be, not an impostor.Certificates are issued by Certificate Authorities (CAs) — trusted third parties like Let's Encrypt, DigiCert, and Sectigo. When your browser connects to a site, it checks that the certificate was issued by a CA it trusts, the domain matches, and the certificate hasn't expired.
Types of SSL/TLS certificates:

DV (Domain Validated)
Confirms domain ownership only. Fast and cheap (Let's Encrypt is DV). Suitable for most sites.

OV (Organization Validated)
Verifies the organization behind the domain. Common for business sites.

EV (Extended Validation)
the highest level; requires rigorous identity checks. Used by banks and large enterprises.

What Is a Certificate Chain?

A certificate chain is a sequence of certificates that links your website's certificate back to a root Certificate Authority (CA) that browsers trust.The chain has three levels:

Leaf certificate (your site's certificate) — issued directly to your domain.

Intermediate certificate(s) — issued by the root CA to an intermediate CA, which then issues certificates to websites. This keeps the root CA offline and protected.

Root certificate — self-signed by a trusted CA. Pre-installed in browsers and operating systems.

Why does this matter?
If the intermediate certificate is missing from the server's configuration, browsers can't verify the chain and will show a security error — even if your leaf certificate is perfectly valid. This is one of the most common SSL configuration mistakes. Our checker visualizes the full chain so you can spot gaps instantly.

How long do SSL certificates last?

Let's Encrypt certificates expire every 90 days (auto-renewing). Paid CA certificates typically last 1–2 years. Since September 2020, the maximum validity period for publicly trusted certificates is 398 days. Apple and Google are pushing toward 90-day maximums industry-wide.

What happens when an SSL certificate expires?

Browsers immediately show a "Your connection is not private" error and block users from reaching the site. This is why monitoring expiry dates matters.

SSL vs TLS — What's the Difference?

SSL (Secure Sockets Layer) is the original protocol, now deprecated. All versions of SSL have known security vulnerabilities. TLS (Transport Layer Security) is its successor and what all modern HTTPS connections actually use — TLS 1.2 and TLS 1.3.
The term "SSL certificate" is still widely used, but technically every certificate in use today is a TLS certificate. When people say "SSL checker", they mean checking the TLS certificate on a server. This tool checks both — it reports the TLS version negotiated and the certificate details.
Preferences

Privacy is important to us, so you have the option of disabling certain types of storage that may not be necessary for the basic functioning of the website. Blocking categories may impact your experience on the website.

Accept all cookies

These items are required to enable basic website functionality.

Always active

These items are used to deliver advertising that is more relevant to you and your interests.

These items allow the website to remember choices you make (such as your user name, language, or the region you are in) and provide enhanced, more personal features.

These items help the website operator understand how its website performs, how visitors interact with the site, and whether there may be technical issues.

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

This Dev Tool is crafted by Authgear

Open source Auth0/Clerk/Firebase alternative. Passkeys, SSO, MFA, passwordless, biometric login.

Star us on
Close