An expired SSL certificate is one of the loudest site outages: most modern browsers refuse to load the page, and engines instantly downrank. The tool connects to the target domain on port 443, reads the certificate, verifies expiry, trust chain, and the supported protocols (TLS 1.2 / 1.3) — in full within 3–5 seconds.
What gets checked
- Certificate expiration date and days remaining.
- Certificate issuer (Let's Encrypt, GlobalSign, DigiCert, etc.).
- Trust chain: intermediate and root certificates.
- Supported TLS versions and cipher suites.
- Subdomains covered by the certificate (SAN list).