Dealing with a browser security warning on a site you manage? Not sure when a Let's Encrypt cert auto-renews? Need to verify the certificate chain is complete after deploying a new bundle?
I built a free browser-based tool for this: SSL Certificate Checker.
What it checks
Enter any domain (example.com or paste a full URL) and the tool does a live TLS handshake from the server. You get:
- Status — Valid ✓, Expired ✗, or Not Found ✗
- Expiry countdown — exact date + days remaining (warns at ≤30 days, urgent at ≤14)
- Issuer — Let's Encrypt, DigiCert, Sectigo, etc.
- Key algorithm — RSA 2048-bit, EC 256-bit, etc.
- Subject Alternative Names — up to 5 SANs shown + overflow count
- Certificate chain — Complete ✓ or Incomplete ⚠
When to use it
- Before a site launch — confirm HTTPS is correctly set up
- Browser shows "Your connection is not private" — get the exact reason
- Let's Encrypt auto-renewal isn't working (Certbot sometimes fails silently)
-
NET::ERR_CERT_AUTHORITY_INVALID— often a missing intermediate CA in the chain - Check SAN coverage across a multi-domain or wildcard cert
How it works
Server-side PHP uses stream_socket_client to connect to {domain}:443, captures the certificate and chain via SSL context, then parses with openssl_x509_parse(). Rate-limited at 5 checks per minute per IP. No data is logged.
Free, no account required: at-use.com/tools/ssl-checker
Top comments (0)