How often do SSL certificates need to be renewed?

Most commercial certificates are valid for 1 year. Let's Encrypt certificates expire every 90 days but can be auto-renewed. It's recommended to renew at least 30 days before expiry.

Are free SSL certificates safe?

Yes. Free DV certificates from Let's Encrypt use the same encryption strength as paid ones. The difference is in validation level and warranty, not security.

How can I check if my SSL certificate is working?

Enter your domain in the tool above. You can also visit your website and click the padlock icon in the browser address bar to view certificate details.

SSL Certificate Checker

Check SSL/TLS certificate validity, expiry, issuer, protocol version and security grade for any domain. Ensure your website is secure for visitors.

What is an SSL Certificate?

An SSL (Secure Sockets Layer) certificate encrypts data between a visitor's browser and your web server. When installed correctly, your site shows a padlock icon and uses HTTPS instead of HTTP. This protects passwords, credit card numbers, and personal data from being intercepted.

Why SSL Matters for Your Website

Security — Encrypts all data in transit, preventing eavesdropping and man-in-the-middle attacks.
Trust — Browsers display a padlock icon and "Connection is secure" message, building visitor confidence.
SEO Ranking — Google uses HTTPS as a ranking signal. Sites without SSL may rank lower in search results.
Compliance — PCI DSS and data protection regulations require encryption for sites handling personal or payment data.
Performance — Modern TLS enables HTTP/2, which can actually make your site faster.

Types of SSL Certificates

DV: Domain Validated (DV) — Verifies domain ownership only. Fastest to issue (minutes). Ideal for blogs and small sites. Free options available (Let's Encrypt).
OV: Organization Validated (OV) — Verifies the organisation's identity. Shows company name in certificate details. Good for business websites.
EV: Extended Validation (EV) — Strictest verification. Previously showed a green bar in browsers. Best for e-commerce and financial sites.
Wildcard: Wildcard — Covers a domain and all its subdomains (*.example.com). Cost-effective for sites with many subdomains.
SAN / Multi-Domain: Multi-Domain (SAN/UCC) — Covers multiple different domain names under one certificate.

Common SSL Problems & Solutions

Expired Certificate — Browsers will block the page. Renew immediately or set up auto-renewal (e.g., via Let's Encrypt with certbot).
Name Mismatch — The certificate was issued for a different domain. Reissue with the correct domain name or add it as a SAN.
Incomplete Chain — The server isn't sending intermediate certificates. Install the full CA bundle provided by your SSL vendor.
Mixed Content — The page loads some resources (images, scripts) over HTTP. Update all internal links to use HTTPS or relative URLs.
Self-Signed Certificate — Not trusted by browsers. Use a certificate from a recognized CA like Let's Encrypt, Sectigo, or DigiCert.

Buy an SSL Certificate from Provider.lk