What does 'expires soon' mean?

Certificates with fewer than 30 days remaining are flagged as 'Expires Soon'. Most certificate authorities (Let's Encrypt, DigiCert) allow renewal 30+ days before expiry. Set up auto-renewal to avoid outages.

What is a Subject Alternative Name (SAN)?

SANs are additional domain names covered by the certificate. A wildcard SAN like *.example.com covers all subdomains. Browsers check SANs to verify the certificate covers the requested domain.

What does 'self-signed' mean?

A self-signed certificate is issued by the domain itself, not a trusted Certificate Authority. Browsers will show a security warning for self-signed certificates on public sites. Use Let's Encrypt for free trusted certificates.

SSL Certificate Checker

Uses external API

Check SSL certificate validity, expiry date, issuer, and SANs for any domain.

Check any domain's SSL/TLS certificate status. Instantly see validity, days until expiry, issuer, protocol version, Subject Alternative Names, and chain trust — color-coded with expiry warnings.

🌐

Server-side — ToolDock connects to the domain you enter to read its SSL certificate. The domain's server will see a connection from our IP.

🌐 Uses external API · See disclaimer above

How to use

Enter a domain
Type a domain name (e.g. example.com). HTTPS:// prefix is optional — it's stripped automatically.
Click Check SSL
ToolDock connects to port 443 on the domain and reads the certificate.
Review results
See the validity status badge, days remaining, issuer, protocol (TLS 1.3 / 1.2), and all Subject Alternative Names.

Common use cases

Monitoring certificate expiry before a renewal deadline — Check days remaining on a production domain's SSL certificate to schedule renewal before it expires and causes browser warnings.
Verifying a new certificate after installation — Confirm that a freshly issued Let's Encrypt or DigiCert certificate is valid, trusted, and covers the correct domain names.

Examples

Production domain check
Check your production domain's SSL certificate before a release
Output
```
VALID — 89 days remaining — Issued by: Let's Encrypt — TLS 1.3
```

Frequently asked questions

What does 'expires soon' mean?: Certificates with fewer than 30 days remaining are flagged as 'Expires Soon'. Most certificate authorities (Let's Encrypt, DigiCert) allow renewal 30+ days before expiry. Set up auto-renewal to avoid outages.
What is a Subject Alternative Name (SAN)?: SANs are additional domain names covered by the certificate. A wildcard SAN like *.example.com covers all subdomains. Browsers check SANs to verify the certificate covers the requested domain.
What does 'self-signed' mean?: A self-signed certificate is issued by the domain itself, not a trusted Certificate Authority. Browsers will show a security warning for self-signed certificates on public sites. Use Let's Encrypt for free trusted certificates.

Key concepts

SAN (Subject Alternative Name): A certificate field listing additional domain names covered by the certificate — e.g., *.example.com covers all subdomains.
Certificate chain: The sequence of certificates from a leaf certificate up to a trusted root CA, used by browsers to verify the certificate's legitimacy.

You might find these useful too.

More network tools

IP Address Lookup
Look up any IP address for country, city, ISP, and coordinates.
Open