SSL Certificate Checker
Inspect the SSL/TLS certificate chain, expiry date, key strength, and security configuration for any HTTPS-enabled website.
Checking…
What is an SSL/TLS certificate?
An SSL/TLS certificate enables encrypted HTTPS connections between a browser and a web server. It verifies the server's identity and ensures that data in transit cannot be intercepted or modified.
What TLS version should my site use?
TLS 1.3 is the current best practice — it is faster (1-RTT handshake vs 2-RTT for TLS 1.2) and uses only modern, secure cipher suites. TLS 1.2 is still acceptable. TLS 1.0 and 1.1 are deprecated and insecure.
Frequently Asked Questions
Enter your website URL above. The tool will connect to your server, inspect the TLS certificate, and show the exact expiry date with a countdown. Certificates from Let's Encrypt expire every 90 days; commercial certificates typically last 1-2 years.
TLS 1.3 is the current best practice — it is faster (1-RTT handshake vs 2-RTT for TLS 1.2) and uses only modern, secure cipher suites. TLS 1.2 is still acceptable. TLS 1.0 and 1.1 are deprecated and insecure — all major browsers have removed support.
ECDSA P-256 is recommended for new certificates. It provides equivalent security to RSA 3072-bit with much smaller key sizes, resulting in faster TLS handshakes and smaller certificates. Most CAs (Let's Encrypt, DigiCert) support ECDSA.