SSL Checker
To inspect a live SSL certificate, enter a public hostname below and run a lookup.
More Information About the SSL Checker
The SSL Checker connects to your server and inspects the SSL/TLS certificate it presents during the handshake. Use it to quickly diagnose problems with your installation and verify your certificate is correctly installed, valid, and trusted.
The checker runs the following checks against the live connection:
- Certificate installation — confirms an SSL certificate is presented on the requested port.
- Intermediate chain — verifies the server sends all intermediate certificates so browsers can build a complete chain of trust.
- Expiration date — shows the validity window and how many days remain before the certificate expires.
- Hostname match — confirms the certificate's Common Name or Subject Alternative Names cover the hostname you tested.
- Signature algorithm — flags weak hash algorithms like SHA-1 or MD5.
- TLS versions — lists which TLS versions (1.0, 1.1, 1.2, 1.3) the server supports.
For internal hostnames not reachable from the public internet, you can verify the certificate locally using OpenSSL:
openssl s_client -connect example.com:443 -servername example.com
If you need an SSL certificate, you can request one from Netrust.
Enter a public hostname to fetch and review the current server certificate.
Lookup Summary
Fast interpretation of the live certificate result for this host.
No certificate result yet
Run a hostname lookup to generate a live SSL report.
Certificate Checks
Operational checks for trust, hostname coverage, validity, and certificate type.
| Check | Value |
|---|
Certificate Details
Identity, issuer, validity window, fingerprints, and handshake properties.
| Property | Value |
|---|
Subject Alternative Names
Hostname and identity entries announced by the certificate.
SSL/TLS Handshake
Negotiated connection details captured during the live TLS handshake.
| Property | Value |
|---|


