SSL Certificate Checker
Verify SSL/TLS certificates — expiry date, issuer, subject alternative names, fingerprint, and validity.
ssl.sh
Processing…
What is an SSL Certificate?
An SSL (Secure Sockets Layer) or TLS (Transport Layer Security) certificate encrypts data between a web browser and server. It also verifies the server's identity, preventing man-in-the-middle attacks. Sites with valid SSL certificates display a padlock in the browser address bar and use https://.
SSL certificates have an expiry date — typically 1 year or 90 days (for Let's Encrypt certificates). Expired certificates cause browser security warnings that drive users away. Use this tool to monitor expiry dates before they cause problems.
Frequently Asked Questions
When an SSL certificate expires, browsers display a security warning to visitors: "Your connection is not private" or "This site is not secure." Most users will leave immediately. Search engines may also penalize sites with expired certificates. Renew certificates at least 30 days before expiry.
A self-signed certificate is signed by the same entity it certifies, rather than by a trusted Certificate Authority (CA). Browsers do not trust self-signed certificates and show warnings. They are fine for internal/development use but not for public websites.
Subject Alternative Names are additional hostnames that a single SSL certificate covers. For example, a certificate might cover both example.com and www.example.com. Wildcard certificates (*.example.com) cover all subdomains.