liminfo

SSL Checker

Free web tool: SSL Checker

Open in External SSL Check Tool

SSL Labs

Qualys SSL Labs - Detailed SSL/TLS analysis and grading (A~F)

SSL Shopper

Certificate chain, expiry, compatibility check

DigiCert

DigiCert SSL installation diagnostic tool

SSL-Tools.net

Webserver SSL configuration check

Enter a domain to activate external tool links.

Info

  • Detailed SSL certificate information cannot be retrieved directly due to browser CORS policy.
  • After a simple HTTPS connection check, please use external tools for detailed analysis.
  • SSL Labs provides the most detailed analysis results (A~F grading).

About SSL Checker

The SSL Certificate Checker lets you verify a domain's HTTPS connectivity and launch in-depth SSL/TLS analysis in four specialized external tools. Enter any domain name (with or without `https://`), click Check Connection, and the tool performs an HTTPS fetch to confirm the domain is reachable over a secure connection. Due to browser CORS restrictions, raw certificate details like expiry date and chain cannot be read client-side, but you get instant confirmation of whether the HTTPS endpoint responds.

Web developers, system administrators, DevOps engineers, and security professionals use this tool as a quick first step when auditing a website's SSL configuration. After the initial connectivity check, four external services are pre-linked for deeper analysis: SSL Labs by Qualys (the industry-standard A–F grading system), SSL Shopper (certificate chain and expiry date inspection), DigiCert's SSL installation diagnostic tool (detects misconfigurations like wrong intermediate certificates), and SSL-Tools.net (webserver SSL configuration details).

The tool normalizes the domain input — stripping `https://`, `http://`, and any trailing path before making the fetch — so you can paste a full URL and get correct results without manual cleanup. Each external tool button constructs its own service-specific URL with the cleaned domain and opens in a new tab, keeping your current session intact. All client-side connection checks use `no-cors` mode since certificate inspection APIs are not available in browser contexts.

Key Features

  • HTTPS connectivity check that confirms whether a domain responds over a secure connection
  • Automatic domain normalization — strips https://, http://, and trailing paths from pasted URLs
  • One-click launch to SSL Labs (Qualys A-F grading) with domain pre-filled
  • One-click launch to SSL Shopper for certificate chain, expiry date, and browser compatibility check
  • One-click launch to DigiCert SSL Installation Diagnostics to detect certificate chain issues
  • One-click launch to SSL-Tools.net for webserver SSL configuration analysis
  • External tool links activate only after a valid domain is entered, preventing accidental navigation to blank checks
  • Dark mode support and responsive layout for use on any device

Frequently Asked Questions

What does the HTTPS connection check actually do?

The tool performs a `fetch()` request to `https://[domain]` using `no-cors` mode and measures how long it takes. If the fetch completes without throwing an error, it reports the domain as connected and shows the response time in milliseconds. A failure (often due to CORS policy blocks) is reported with a note to use the external tools for detailed analysis.

Why can't the tool show SSL certificate details directly?

Browser security restrictions prevent JavaScript from accessing raw TLS/SSL certificate data. The Web Crypto API and Fetch API do not expose certificate details like expiry date, issuer, or cipher suites. These details require a server-side TLS handshake inspection, which is why external tools like SSL Labs and DigiCert run server-side analysis and return detailed reports.

What does SSL Labs grade A-F mean?

SSL Labs grades websites from A+ to F based on the quality of their TLS configuration. An A or A+ means strong protocol support (TLS 1.2/1.3 only), strong cipher suites, correct certificate chain, no known vulnerabilities, and proper HSTS. Lower grades indicate issues like support for weak protocols (SSL 3.0, TLS 1.0), expired certificates, or chain problems.

What does SSL Shopper check?

SSL Shopper verifies that your SSL certificate is correctly installed by checking the certificate chain from your server's certificate up through any intermediate certificates to the root CA. It also shows the certificate expiry date, the issuing CA, and tests whether the certificate is trusted by common browsers and operating systems.

What does DigiCert's diagnostic tool check?

DigiCert's SSL Installation Checker detects common installation problems such as missing intermediate certificates (a frequent cause of "certificate not trusted" errors on some browsers or devices), expired certificates, domain name mismatches between the certificate's Common Name/SAN and the actual domain, and whether the certificate revocation list is accessible.

Can I check an IP address instead of a domain name?

You can enter an IP address in the domain field and the connection check will attempt to reach it via HTTPS. However, SSL Labs and SSL Shopper work best with domain names because SSL certificates are typically issued to domain names (Common Name or Subject Alternative Names), not bare IP addresses, unless the certificate specifically includes the IP as a SAN.

Why does the connection check sometimes report a failure even when the site has valid SSL?

Browser CORS policy prevents cross-origin requests from reading response headers or bodies, which can cause the fetch to throw an error even when the HTTPS connection succeeds. The `no-cors` mode used here allows the request to complete but still throws in some cases depending on the server's response. This is a browser limitation, not an indication that the certificate is invalid — use the external tools for authoritative results.

What is the difference between SSL and TLS?

SSL (Secure Sockets Layer) is the original protocol developed in the 1990s. TLS (Transport Layer Security) is its successor and the protocol actually used by modern HTTPS connections. SSL 2.0 and 3.0 are deprecated and considered insecure. Current best practice is TLS 1.2 as a minimum, with TLS 1.3 being the most secure and efficient version. The term "SSL certificate" remains common but the certificates themselves are used with TLS.