SSL check
Inspect certificate issuer, expiry, and SANs. Data sourced from Certificate Transparency logs.
Related tools
About this tool
This tool uses crt.sh, which mirrors every certificate logged in public Certificate Transparency (CT) logs. Modern certificate authorities are required to log certs to CT before issuance, so for virtually any public domain, the most recently issued valid cert is what's currently being served.
We also do a HEAD request to the domain over HTTPS to confirm the server actually responds and isn't, for example, serving a valid cert on a broken site.
For full TLS handshake details — supported cipher suites, OCSP stapling, vulnerability checks like Heartbleed — use Qualys SSL Labs. This tool optimizes for "is my cert valid and when does it expire," which is what most users need most of the time.