SSL Certificate Checker

Verify your SSL certificate installation, check expiration dates, and diagnose common SSL issues instantly.

Check SSL Certificate

Analyze any domain's SSL/TLS configuration instantly

Try:

Analyzing SSL certificate for

Connecting Parsing cert Analyzing chain

SSL Grade
Certificate Validity Timeline
Issued
Expires
Today
Security Checks
  • Server connection
  • Hostname coverage
  • Certificate validity
  • Expiration risk
Certificate Details
Domain
Issuer
Country
Algorithm
Certificate Names (SAN)
Certificate Chain

What We Check

Certificate Validity

Verifies the certificate is valid and hasn't expired or been revoked.

Certificate Chain

Ensures the full chain of trust is properly configured up to the root CA.

Expiration Date

Shows when the certificate expires so you can renew before it lapses.

Encryption Strength

Checks the key size and cipher suite to verify strong encryption is in use.

How We Calculate Your SSL Grade

Your SSL grade is determined by evaluating four key security factors. Each factor is checked in priority order — the worst-failing factor sets the final grade.

A+
Excellent — Maximum Security
  • TLS 1.3 negotiated
  • Strong key: RSA ≥ 2048-bit or ECDSA ≥ 224-bit
  • Certificate valid & hostname covered
  • Expires in more than 30 days
A
Good — Meets Current Standards
  • TLS 1.2 in use (TLS 1.3 not negotiated)
  • Strong key: RSA ≥ 2048-bit or ECDSA ≥ 224-bit
  • Certificate valid & hostname covered
  • Expires in more than 30 days
B
Fair — Renewal Required Soon
  • Certificate is still valid & hostname is covered
  • Expires within 8–30 days — plan renewal now
C
Poor — Configuration Issues Detected
  • TLS 1.0 or TLS 1.1 in use (deprecated, insecure)
  • RSA key < 2048-bit (weak encryption)
  • ECDSA key < 224-bit (insufficient strength)
  • Expires within 7 days or less
F
Failed — Certificate Cannot Be Trusted
  • Certificate is expired
  • Hostname not covered by CN or SAN
  • Certificate is otherwise invalid or untrusted
  • Could not connect to the server on port 443
Priority order: Grades are awarded by checking F conditions first, then C, then B, then A, then A+. The first failing condition sets your grade — so a certificate using TLS 1.3 but expiring in 3 days will still receive a C.

Need a New SSL Certificate?

Generate a free, trusted SSL certificate for your domain in under 5 minutes.

Generate Free SSL