Security
SSL Certificate Viewer
Paste a domain to fetch certificate details. Zero data sent beyond the lookup.
The SSL Certificate Viewer fetches the public certificate for a domain and shows key details such as issuer, expiration date, and Subject Alternative Names (SANs). It helps you confirm that a site is properly secured and that the certificate covers the domains you expect.
Certificate details
Expiry, issuer, and subject alternative names.
Status
-
Expires
-
Days remaining
-
Issuer
-
Common name
-
Subject Alternative Names (SAN)
What this tool does
The SSL Certificate Viewer fetches the public certificate for a domain and shows key details such as issuer, expiration date, and Subject Alternative Names (SANs). It helps you confirm that a site is properly secured and that the certificate covers the domains you expect.
When to use this tool
Use it during release checks, domain migrations, or incident response when you need to verify certificate status quickly. It can also support security reviews alongside the Browser Fingerprint Checker to understand a site's security posture and client-side exposure.
How it works
The tool establishes a secure connection to the target domain, reads the certificate presented by the server, and extracts metadata such as issuer, validity window, and SANs. It then calculates days remaining until expiration so you can plan renewals in advance.
Example use case
You are migrating a site to a new hosting provider and need to confirm the new certificate is valid before DNS cutover. Enter the domain, check the issuer and expiration date, and confirm all required subdomains appear in the SAN list. If everything looks correct, proceed with the switch.
Use cases
- Check certificate expiry before a release.
- Verify SAN coverage for a new subdomain.
- Confirm issuer details after a migration.
Notes & limitations
Results depend on the certificate currently served by the domain and may differ behind load balancers or CDN layers. The tool does not validate certificate chains beyond the presented data, and it cannot check certificate revocation status. Always verify critical systems with your infrastructure monitoring tools.
Wildcard certificates will list wildcard SANs (for example, `*.example.com`) rather than each subdomain. Make sure the specific hostnames you use are covered by the certificate pattern. If you use multiple regions or clusters, test each endpoint to confirm consistent certificate deployment.
Certificates may renew automatically, so check the expiry window periodically to catch misconfigurations early.
Track issuer changes to detect unexpected certificate swaps.
Record renewal dates in your monitoring calendar.
