Free tool

SSL certificate checker

Paste any HTTPS URL or hostname to see its SSL certificate — who issued it, when it expires, what hostnames it covers, and the details you'd need to debug a TLS issue.

Paste any HTTPS URL or hostname. Checked over port 443.

What this checks

We perform a TLS handshake against port 443 of the hostname you provide and read the server's leaf certificate. No HTTP requests are made beyond the handshake — we never touch your site's actual pages, headers, or content.

Common expiry windows

  • Let's Encrypt: 90 days. Renewals should be automated; if yours isn't, this tool is the early warning.
  • Commercial CAs (DigiCert, Sectigo, GoDaddy): typically 1 year (was up to 2 years until 2020, when browser policy capped at ~398 days).
  • Internal / enterprise CAs: vary — often 1-3 years. Track these manually because they don't expire on a predictable cadence.

Want to be alerted before expiry?

Uptimera tracks SSL certificate expiry on every monitor and emails you 30, 14, 7, and 1 day out. The free plan covers 5 monitors — get set up in two minutes.