Enter a domain to check its SSL/TLS certificate status, including expiry, issuer, and certificate chain.
1. Enter domain: Enter the full domain (e.g., github.com), no https:// prefix needed.
2. Click Check: The system queries crt.sh certificate transparency logs for the domain.
3. View Results: See certificate expiry, issuer CA, SAN domain list, and more.
Enter a domain (e.g., example.com) and click "Check Certificate". The system queries crt.sh certificate transparency logs to retrieve certificate info including expiry, issuer, and certificate chain.
If your SSL certificate has expired, visitors will see a security warning. Renew or reissue with your CA. Free providers like Let's Encrypt and ZeroSSL support auto-renewal. Set up auto-renewal to avoid expiry.
Possible reasons: 1) No HTTPS configured; 2) No certificate in transparency logs (new certs take time to sync); 3) Self-signed certificate. Try SSL Labs for a more complete test.
SAN (Subject Alternative Name) allows multiple domains in one SSL certificate. A SAN cert can protect www.example.com, example.com, api.example.com, and more — no need for separate certificates per subdomain.