SSL Certificate Checker
Check any domain's SSL certificate — expiry date, days remaining, issuer, SANs and signature algorithm — in seconds.
Free · No credit card · 50 credits/day
What you get from every check
Expiry date & days remaining
The exact date the certificate expires and a countdown of days left. Negative = already expired. Flag anything under 30 days for immediate renewal.
Issuer & Certificate Authority
The organisation that issued the certificate — Let's Encrypt, DigiCert, Sectigo, Comodo, etc. — and their Common Name.
Subject Alternative Names
Every domain name the certificate covers, including wildcard entries like *.example.com. Up to 20 SANs shown.
Signature algorithm
The algorithm used to sign the certificate — typically SHA256withRSA. MD5 and SHA-1 signatures are deprecated and flag a security warning.
Serial number
The unique hex identifier assigned by the CA. Useful for identifying a specific certificate when checking revocation lists (CRL/OCSP).
Valid / expired status
A clear valid or expired flag based on the current date vs the certificate's not-after date.
DV, OV and EV certificates
Three validation levels — same encryption, different identity assurance.
| Type | Validates | Issuance time | Best for |
|---|---|---|---|
| DV Domain Validation |
Domain control only | Minutes | Personal sites, blogs, Let's Encrypt |
| OV Organisation Validation |
Domain + org identity | 1–3 days | Business websites, SaaS |
| EV Extended Validation |
Strict legal entity vetting | 1–5 days | Banks, e-commerce, high-trust sites |
All three types provide the same TLS encryption — they differ only in how much identity information the CA has verified.
⏰ When to renew
Let's Encrypt auto-renews at 30 days. For paid certs, set a calendar reminder at 30 days — most CAs take 1–3 days to reissue.
Frequently asked questions
Related security tools
More tools to audit your site's security posture.
Check a certificate now
Free account. 50 credits per day. Access to 75+ tools instantly.
Create free account →