SSL Certificate Checker
Inspect the SSL/TLS certificate for any domain β validity period, issuer, protocol version, cipher strength, and Subject Alternative Names.
What does an SSL certificate do?
An SSL/TLS certificate encrypts the connection between browser and server, and verifies the server's identity. When you visit an HTTPS site, the browser checks the certificate's validity, expiry date, and whether it was issued by a trusted Certificate Authority. If any check fails, browsers display a full-page warning.
Understanding SSL grades
Grades come from Qualys SSL Labs. A+ means modern TLS 1.3, strong ciphers, HSTS and no vulnerabilities. A is strong. B usually means TLS 1.0/1.1 still enabled. C or below means weak ciphers or protocol vulnerabilities. F means the certificate is expired or the domain is unreachable over HTTPS.
Certificate expiry and days remaining
SSL certificates expire after 90 days (Let's Encrypt) or 1-2 years (paid CAs). An expired certificate causes all major browsers to show a full-page warning. The validity bar shows how much of the certificate's lifetime remains. Set reminders when fewer than 30 days remain to avoid unexpected expiry.
Subject Alternative Names (SANs)
Modern certificates cover multiple domains through SANs. A certificate for github.com may also cover www.github.com and other subdomains. Wildcard entries like *.example.com cover all immediate subdomains. When checking if a domain is covered by a certificate, look at the SANs list.