How to Check SSL Certificates
SSL/TLS certificates are the foundation of secure communication on the web. They encrypt data between your browser and a website, and they verify that you're connecting to the legitimate server. Here's everything you need to know about checking and understanding SSL certificates.
Check SSL Certificate βWhat Is an SSL Certificate?
An SSL (Secure Sockets Layer) certificate β technically now TLS (Transport Layer Security) β is a digital certificate that authenticates a website's identity and enables an encrypted connection. When you see the padlock icon π in your browser's address bar, it means the site has a valid SSL certificate.
SSL certificates are issued by Certificate Authorities (CAs) like Let's Encrypt, DigiCert, Sectigo, and others. The CA verifies that the certificate requester controls the domain before issuing the certificate.
Key Certificate Details to Check
When examining an SSL certificate, pay attention to these critical fields:
- Issuer β the Certificate Authority that issued the certificate. Let's Encrypt is the most common free CA; commercial CAs include DigiCert, Sectigo, and GlobalSign.
- Subject / Common Name β the domain the certificate was issued for. This should match the domain you're visiting.
- Validity period β certificates have a "Not Before" and "Not After" date. Most certificates are now valid for 90 days (Let's Encrypt) to 1 year.
- Subject Alternative Names (SANs) β additional domains covered by the certificate. A cert for
example.comoften also coverswww.example.com. - Days remaining β how many days until the certificate expires. Certificates that expire cause browser warnings and break trust.
Types of SSL Certificates
There are three validation levels for SSL certificates:
- Domain Validated (DV) β the most common type. The CA only verifies domain control. Let's Encrypt issues DV certificates. Fast and free or cheap.
- Organization Validated (OV) β the CA verifies the organization's identity. Shows company name in certificate details. Used by businesses.
- Extended Validation (EV) β the highest level. Requires extensive verification of the organization. Previously showed a green bar in browsers, though most browsers have removed this visual distinction.
For most websites, a DV certificate provides adequate security. The encryption strength is the same regardless of validation level β the difference is only in identity verification.
Common SSL Problems
Here are the most frequent SSL issues you might encounter:
- Expired certificate β the certificate's validity period has passed. Solution: renew immediately. Use auto-renewal tools like certbot.
- Name mismatch β the certificate doesn't match the domain. Common when accessing a site via an IP or wrong subdomain.
- Incomplete certificate chain β the server isn't sending intermediate certificates. Fix by configuring the full chain on your server.
- Mixed content β the page loads over HTTPS but includes HTTP resources. Fix by updating all resource URLs to HTTPS.
- Self-signed certificate β not issued by a trusted CA. Only appropriate for development, never production.
How to Check with Our Tool
Our domain intelligence tool checks SSL certificates automatically. Enter any domain and enable "Include SSL & Email Security" to see the full certificate details including issuer, expiry date, days remaining, and Subject Alternative Names.
Combined with DNS record analysis and email security checks, you get a complete picture of a domain's security posture. You can also check your domain's WHOIS registration data to ensure everything is properly configured.
Check Any Domain's SSL β