[{"data":1,"prerenderedAt":236},["ShallowReactive",2],{"tool-content-ssl-checker":3},{"_path":4,"_dir":5,"_draft":6,"_partial":6,"_locale":7,"title":8,"description":7,"slug":9,"faqs":10,"body":32,"_type":229,"_id":230,"_source":231,"_file":232,"_stem":233,"_extension":234,"sitemap":235},"\u002Ftools\u002Fssl-checker","tools",false,"","Ssl Checker","ssl-checker",[11,14,17,20,23,26,29],{"q":12,"a":13},"What is an SSL\u002FTLS certificate?","An SSL\u002FTLS certificate is a digital document that authenticates a website's identity and enables encrypted connections. It contains the domain name, the certificate authority (CA) that issued it, the validity period, and a public key used for encryption. When you see the padlock icon in your browser, the site has a valid SSL certificate.",{"q":15,"a":16},"What is the difference between SSL and TLS?","SSL (Secure Sockets Layer) is the older protocol, now considered insecure. TLS (Transport Layer Security) is its modern, secure replacement. Despite SSL being deprecated, the term \"SSL certificate\" is still commonly used colloquially for what are technically TLS certificates. All modern sites use TLS 1.2 or 1.3.",{"q":18,"a":19},"What happens when an SSL certificate expires?","When a certificate expires, browsers display a security warning to visitors and block access to the site by default. Search engines may also lower the site's ranking. Most browsers show a full-page warning with options to go back or proceed at your own risk. It's critical to renew certificates before they expire.",{"q":21,"a":22},"How often do SSL certificates need to be renewed?","As of 2020, SSL certificates are issued for a maximum of 398 days (about 13 months). Many providers offer 90-day certificates (like Let's Encrypt) with automated renewal. It's best practice to renew at least 30 days before expiry to avoid outages.",{"q":24,"a":25},"What is a wildcard SSL certificate?","A wildcard certificate covers a domain and all its immediate subdomains. A certificate for *.example.com covers www.example.com, mail.example.com, app.example.com, etc., but not sub.subdomain.example.com. Wildcard certificates are convenient for organizations with many subdomains.",{"q":27,"a":28},"What is certificate transparency?","Certificate Transparency (CT) is an open framework for monitoring SSL certificates. All publicly trusted CAs are required to log issued certificates to public CT logs. This allows anyone to monitor certificates issued for their domains and detect unauthorized certificates. Our tool uses CT log data from crt.sh.",{"q":30,"a":31},"What is the difference between DV, OV, and EV certificates?","DV (Domain Validation) certificates verify only that the applicant controls the domain — they're quick and free (Let's Encrypt). OV (Organization Validation) certificates verify the organization's identity — requires documentation. EV (Extended Validation) certificates require rigorous vetting and used to show a green bar in browsers, though most browsers have removed this visual distinction.",{"type":33,"children":34,"toc":222},"root",[35,44,50,72,78,135,140,146,156,166,176,182,192,202,212],{"type":36,"tag":37,"props":38,"children":40},"element","h2",{"id":39},"what-is-ssltls",[41],{"type":42,"value":43},"text","What is SSL\u002FTLS?",{"type":36,"tag":45,"props":46,"children":47},"p",{},[48],{"type":42,"value":49},"SSL (Secure Sockets Layer) and its successor TLS (Transport Layer Security) are cryptographic protocols that provide secure communication over the internet. When a website has SSL\u002FTLS, all data transmitted between the visitor's browser and the server is encrypted — protecting passwords, personal information, and any other sensitive data from interception.",{"type":36,"tag":45,"props":51,"children":52},{},[53,55,62,64,70],{"type":42,"value":54},"The padlock icon in your browser's address bar indicates an active SSL\u002FTLS connection. The ",{"type":36,"tag":56,"props":57,"children":59},"code",{"className":58},[],[60],{"type":42,"value":61},"https:\u002F\u002F",{"type":42,"value":63}," prefix (as opposed to ",{"type":36,"tag":56,"props":65,"children":67},{"className":66},[],[68],{"type":42,"value":69},"http:\u002F\u002F",{"type":42,"value":71},") indicates the site uses encryption.",{"type":36,"tag":37,"props":73,"children":75},{"id":74},"how-to-use-the-ssl-checker",[76],{"type":42,"value":77},"How to use the SSL Checker",{"type":36,"tag":79,"props":80,"children":81},"ol",{},[82,115,125],{"type":36,"tag":83,"props":84,"children":85},"li",{},[86,92,94,99,101,107,109],{"type":36,"tag":87,"props":88,"children":89},"strong",{},[90],{"type":42,"value":91},"Enter a domain name",{"type":42,"value":93}," (without ",{"type":36,"tag":56,"props":95,"children":97},{"className":96},[],[98],{"type":42,"value":61},{"type":42,"value":100},") — for example ",{"type":36,"tag":56,"props":102,"children":104},{"className":103},[],[105],{"type":42,"value":106},"google.com",{"type":42,"value":108}," or ",{"type":36,"tag":56,"props":110,"children":112},{"className":111},[],[113],{"type":42,"value":114},"anottertoolbox.dev",{"type":36,"tag":83,"props":116,"children":117},{},[118,123],{"type":36,"tag":87,"props":119,"children":120},{},[121],{"type":42,"value":122},"Click \"Check SSL\"",{"type":42,"value":124}," — the tool fetches certificate information from public certificate transparency logs",{"type":36,"tag":83,"props":126,"children":127},{},[128,133],{"type":36,"tag":87,"props":129,"children":130},{},[131],{"type":42,"value":132},"Review the results",{"type":42,"value":134}," — you'll see whether the certificate is valid, how many days until expiry, the issuer, and validity dates",{"type":36,"tag":45,"props":136,"children":137},{},[138],{"type":42,"value":139},"The tool uses certificate transparency data from crt.sh, which logs all publicly trusted certificates.",{"type":36,"tag":37,"props":141,"children":143},{"id":142},"understanding-the-results",[144],{"type":42,"value":145},"Understanding the results",{"type":36,"tag":45,"props":147,"children":148},{},[149,154],{"type":36,"tag":87,"props":150,"children":151},{},[152],{"type":42,"value":153},"Days until expiry",{"type":42,"value":155}," — the most critical metric. Green means you have time, yellow means renewal is approaching, red means the certificate has expired or is expiring very soon.",{"type":36,"tag":45,"props":157,"children":158},{},[159,164],{"type":36,"tag":87,"props":160,"children":161},{},[162],{"type":42,"value":163},"Issuer",{"type":42,"value":165}," — the Certificate Authority (CA) that issued the certificate. Common CAs include Let's Encrypt (free, automated), DigiCert, Comodo\u002FSectigo, and GlobalSign.",{"type":36,"tag":45,"props":167,"children":168},{},[169,174],{"type":36,"tag":87,"props":170,"children":171},{},[172],{"type":42,"value":173},"Valid from \u002F Valid to",{"type":42,"value":175}," — the certificate's validity window. Certificates issued after September 2020 are valid for a maximum of 398 days.",{"type":36,"tag":37,"props":177,"children":179},{"id":178},"common-ssl-issues-and-fixes",[180],{"type":42,"value":181},"Common SSL issues and fixes",{"type":36,"tag":45,"props":183,"children":184},{},[185,190],{"type":36,"tag":87,"props":186,"children":187},{},[188],{"type":42,"value":189},"Certificate expired",{"type":42,"value":191}," — renew immediately. If you use Let's Encrypt, check that your auto-renewal setup (certbot or similar) is working correctly.",{"type":36,"tag":45,"props":193,"children":194},{},[195,200],{"type":36,"tag":87,"props":196,"children":197},{},[198],{"type":42,"value":199},"Certificate not trusted",{"type":42,"value":201}," — the certificate may be self-signed or issued by a CA not trusted by browsers. Use a certificate from a trusted CA.",{"type":36,"tag":45,"props":203,"children":204},{},[205,210],{"type":36,"tag":87,"props":206,"children":207},{},[208],{"type":42,"value":209},"Wrong domain",{"type":42,"value":211}," — the certificate was issued for a different domain. Ensure the certificate covers your exact domain (and www subdomain if needed).",{"type":36,"tag":45,"props":213,"children":214},{},[215,220],{"type":36,"tag":87,"props":216,"children":217},{},[218],{"type":42,"value":219},"Mixed content",{"type":42,"value":221}," — the page loads over HTTPS but includes HTTP resources. All resources must be served over HTTPS.",{"title":7,"searchDepth":223,"depth":223,"links":224},2,[225,226,227,228],{"id":39,"depth":223,"text":43},{"id":74,"depth":223,"text":77},{"id":142,"depth":223,"text":145},{"id":178,"depth":223,"text":181},"markdown","content:tools:ssl-checker.md","content","tools\u002Fssl-checker.md","tools\u002Fssl-checker","md",{"loc":4},1777882945756]