How do I check my SSL certificate?

Upload your certificate file (PFX, PEM, CRT, CER, or DER format) to CertTools. The tool will parse and display all certificate information including validity dates, issuer, subject, and key information. All processing happens in your browser for maximum privacy.

Is CertTools free to use?

Yes, CertTools is completely free to use. There are no subscriptions, registration requirements, or hidden fees.

Is my certificate data secure?

Absolutely. CertTools processes all certificates locally in your browser using WebAssembly. Your private keys and passwords never leave your device. The tool works completely offline by default.

Free Online Certificate Checker - SSL/TLS Inspector

Analyze and inspect SSL certificates, TLS certificates, PFX/PKCS#12 files, and X.509 certificates online. Fast, secure, and completely private certificate validation tool.

All certificate processing happens locally in your browser using WebAssembly. Your private keys and sensitive data never leave your device.

Operation Mode

Paranoid ModeOnline Checks

Offline Mode (Default)

All processing happens in your browser. Zero network activity. Private keys never leave your device.

Upload Certificate(s)

Certificate File(s)

Select one or more files: PFX/P12 (with private key), PEM, CRT, CER, DER

Hostname (Optional)

Verify certificate is valid for this hostname

Loading WebAssembly module...

Loading Certificate Inspector...

🔒 Certificate Security Features

Private keys never leave your browser
PFX passwords processed in-memory only
Best-effort memory wiping after operations
Strict Content Security Policy
No third-party scripts or analytics

⚙️ SSL Certificate Checker Capabilities

Parse and analyze PKCS#12 (.pfx/.p12) certificate files
View SSL certificate details and metadata securely
Verify SSL certificate chains offline
Check SSL certificate expiration dates
OCSP/CRL certificate revocation validation

📖 How to Use Our SSL Certificate Checker

Offline Certificate Inspection (Default)

Upload your .pfx, .p12, PEM, CRT, CER, or DER certificate file with password. All certificate parsing and validation happens locally in your browser with zero network activity. Perfect for inspecting sensitive SSL/TLS certificates without privacy concerns.

Paranoid Mode - Maximum Privacy

Enforces strict offline-only certificate checking. Certificate parsing is disabled when browser detects network connectivity. Disconnect from network to proceed. Best for maximum privacy when analyzing confidential certificates and private keys.

Online Mode - Certificate Revocation Checks

Enable online validation to perform OCSP (Online Certificate Status Protocol) and CRL (Certificate Revocation List) checks. Only public certificate data is transmitted; private keys and passwords never leave your device. Many OCSP/CRL endpoints lack CORS headers - use the local helper for best results.

Local Helper Service

Optional localhost proxy service that performs OCSP/CRL certificate validation fetches on your behalf, bypassing browser CORS restrictions. Run ./certtools-helper on port 17878. All certificate data stays on your local machine - no external services involved.

📄 Supported Certificate Formats

PKCS#12 / PFX Files

Industry-standard format for storing certificates and private keys together. Common file extensions:

.pfx - Windows Personal Information Exchange
.p12 - PKCS#12 format

PEM / X.509 Certificates

Base64-encoded certificate format widely used in Linux/Unix environments:

.pem - Privacy Enhanced Mail format
.crt, .cer - Certificate files
.der - Binary DER encoding

🔍 Why Use CertTools for SSL Certificate Analysis?

Privacy-First Design: Unlike online certificate checkers that require uploading your certificates to remote servers, CertTools processes everything locally in your browser using WebAssembly. Your SSL certificates, private keys, and passwords never leave your device.

Comprehensive Certificate Details: Extract and view all certificate information including subject, issuer, validity dates, serial numbers, key usage, extended key usage, subject alternative names (SANs), and complete certificate chain validation.

Professional Certificate Management: Perfect for system administrators, DevOps engineers, security professionals, and developers who need to inspect, validate, and manage SSL/TLS certificates for websites, servers, and applications.

Free and Open: No registration, no subscriptions, no hidden fees. A completely free SSL certificate checker tool that respects your privacy and security.