How to use the SSL Certificate Viewer
Overview
A practical guide to inspecting PEM certificates for validity, issuers, and fingerprints.
Quick answer: Start with the expiration date and issuer, then check SAN and fingerprints. It expects PEM input, so include the BEGIN / END lines when you paste the certificate.
1. What to check first
When inspecting a certificate, start by checking whether it is expired, who issued it, and which names it covers. Looking at Subject and Issuer first often gives you enough context to start a real investigation.
2. Review SAN and fingerprints
Subject Alternative Names list the hostnames covered by the certificate. A SHA-256 fingerprint is useful for identifying the exact certificate, especially when you are comparing environments or checking a replacement.
- Check the expiration date first
- Confirm the target hostname appears in SAN
- Use the fingerprint to confirm identity
3. How to paste PEM input
Paste the certificate in PEM form, including the BEGIN and END lines. If the middle of the certificate loses line breaks or gets truncated, parsing may fail.
Browse all guides
Open the full guides page to compare articles and jump to another topic.