What does the SSL Certificate Checker do?

It checks multiple domains at once for certificate expiry dates, issuer information, CDN domain detection, and certificate chain validation. It flags anything expiring within 200 days — not the standard 30 — to catch broken renewal pipelines early.

Does this tool send my domain list anywhere?

The tool queries the public Certificate Transparency log API (crt.sh) using your domain names. No data is stored. The queries are the same as any browser making a public API request.

Why does ConfigClarity flag certificates at 200 days instead of 30?

Let's Encrypt certificates expire every 90 days and are designed to auto-renew at 60 days remaining. If renewal breaks on day 1, a 30-day alert fires at day 60 — giving you 30 days to debug a failure that has been silent for 60. The 200-day threshold catches broken renewal pipelines while you still have runway.

What does the orange CDN flag mean on SSL results?

An orange flag indicates the domain is fronted by a CDN (Cloudflare, Fastly, Akamai). CDN-fronted domains have two certificates — the CDN edge certificate and the origin certificate. The tool flags these because most monitoring only checks the CDN cert, missing the origin cert expiry.

SSL Certificate Expiry Checker — Bulk Domains

🕐 Cron Builder & Visualiser Visualize job overlaps 🔒 SSL Checker Check cert expiry 🐳 Docker Auditor Audit compose files 🛡️ Firewall Auditor Audit UFW rules 🔀 Reverse Proxy Mapper Map routing & audit 🤖 robots.txt Audit crawl & AI bots

Your SSL timeline will appear here after you paste domains and click Visualize.

No domains to check — add at least one domain above.

< 7 days < 30 days Safe Error >200 day cert

Note: Some domains (Google, Cloudflare, Akamai) use private CAs not fully indexed in public certificate logs.

How It Works

1. Paste

Paste any number of domains, one per line. No https:// needed.

2. Check

Click Check domains. Results appear progressively — each domain is queried from Certificate Transparency logs.

3. Review

Color-coded cards show expiry, issuer and days remaining. Export as PNG. Nothing leaves your browser.

Frequently Asked Questions

What does this SSL checker do?

Paste any number of domains and instantly see certificate expiry dates, issuer, and status. Color-coded results show which certs are healthy, expiring soon, or already expired.

Why is my domain showing orange?

Orange means the domain is served via a CDN (like Cloudflare or Fastly). The certificate shown belongs to the CDN, not your origin server. This is normal but worth knowing.

How is the 200-day SSL limit relevant?

Apple proposed reducing the maximum SSL certificate validity to 200 days by 2027, with a phased reduction starting in 2026 (47-day cap by 2027). This tool flags any cert whose total validity period exceeds 200 days — these were issued under the old 398-day rules and will need replacement at next renewal.

Does this tool store my domain names?

No. All checks run directly from your browser. Your domains are never sent to or stored on any ConfigClarity server.

Why is a domain showing an error?

The domain may be unreachable, blocking CORS requests, or using a self-signed certificate. Try checking it directly with your browser first.

SSL Certificate Expiry Checker — free online bulk SSL tool. Paste multiple domains and instantly check TLS certificate expiry dates. Color-coded results show certificates expiring in under 7 days in red, under 30 days in orange, and healthy certificates in green. Detects CDN-issued certificates from Cloudflare, Fastly and Akamai. Uses Certificate Transparency logs via crt.sh. Free SSL monitoring tool with no signup required. All processing runs client-side in your browser.