[ 'capture_peer_cert' => true, 'verify_peer' => false, 'verify_peer_name' => false, ] ]); $client = @stream_socket_client( "ssl://{$host}:443", $errno, $errstr, 10, STREAM_CLIENT_CONNECT, $context ); if (!$client) { $error = "Could not connect to " . h($host) . " on port 443. The server may not support SSL/TLS or is not reachable."; } else { $params = stream_context_get_params($client); $cert = openssl_x509_parse($params['options']['ssl']['peer_certificate'] ?? ''); fclose($client); if (!$cert) { $error = "SSL certificate could not be read."; } else { $valid_from = date('d.m.Y', $cert['validFrom_time_t']); $valid_to = date('d.m.Y', $cert['validTo_time_t']); $days_left = (int)(($cert['validTo_time_t'] - time()) / 86400); $is_valid = $days_left > 0; $san = []; if (isset($cert['extensions']['subjectAltName'])) { preg_match_all('/DNS:([^,\s]+)/', $cert['extensions']['subjectAltName'], $m); $san = $m[1]; } $result = [ 'host' => $host, 'cn' => $cert['subject']['CN'] ?? '–', 'issuer' => $cert['issuer']['O'] ?? ($cert['issuer']['CN'] ?? '–'), 'issuer_cn' => $cert['issuer']['CN'] ?? '–', 'valid_from' => $valid_from, 'valid_to' => $valid_to, 'days_left' => $days_left, 'is_valid' => $is_valid, 'san' => $san, 'serial' => $cert['serialNumberHex'] ?? '–', 'algo' => $cert['signatureTypeSN'] ?? '–', 'version' => ($cert['version'] ?? 0) + 1, ]; } } } require_once __DIR__ . '/header.php'; ?>

Tool

SSL Check

Analyze SSL/TLS certificate of a website

Status

0 ? $result['days_left'] . ' days' : 'Expired' ?>

Expires in

Issuer

SAN Domains

Certificate Details

Domain

Common Name (CN)

Issuer

Issuer CN

Valid from

Valid until

Days remaining 0 ? $result['days_left'] . ' days' : 'Expired' ?>

Serial number

Algorithm

VersionTLS v

SAN Domains ()

Continue with

HTTP Headers DNS Lookup WHOIS IP Lookup

Enter a URL or domain to check the SSL certificate. Works without https:// too.

My IP SSL Check DNS Lookup HTTP Headers IP Lookup

What is an SSL certificate?

An SSL/TLS certificate is a digital document that confirms the identity of a website and enables encrypted data transmission. The "https://" in the address bar indicates that a secure connection exists. Important components: The CN (Common Name) specifies which domain the certificate was issued for. The CA (Certificate Authority) is the trusted entity that issued the certificate (e.g. Let's Encrypt, DigiCert). SAN entries (Subject Alternative Names) list all domains for which the certificate is valid.