TLS/SSL Certificate
Fetches the TLS/SSL certificate from a host and shows its issuer, subject, validity period, SAN list, and expiry countdown. Quickly catch expired or soon-to-expire certificates and misconfigured chains.
Frequently asked questions
- What do these fields mean?
- Issuer is who signed the certificate (Let's Encrypt, DigiCert, etc.). Subject is the domain it covers. SAN lists extra domains. "Valid From/To" is the validity window; "Days Remaining" shows the expiry countdown.
- My certificate is valid but the browser shows a warning — why?
- Common causes: hostname mismatch (the SAN does not include the URL you are using), incomplete chain (server did not send intermediate certs), or weak cipher. Check Security Headers for related warnings.
- Does this work with self-signed certificates?
- Yes, we show the info, but we flag self-signed and expired certs as invalid. Most clients will refuse them too.