Check a site's HTTPS certificate: whether it's valid, when it expires, and how many days you have left.
The SSL Expiry Checker inspects the TLS/SSL certificate a website presents over HTTPS and tells you whether it's valid, who issued it, when it expires, and how many days remain. An expired or invalid certificate shows visitors a scary browser warning and can take a site offline in practice — this catches it before that happens.
Use it to confirm a renewal worked, to see how long is left before you need to renew, or to diagnose a "your connection is not private" warning.
| Result | What it means |
|---|---|
| Valid | The certificate is trusted, matches the domain, and has more than 30 days left. |
| Warning | The certificate is valid but expiring soon (within 30 days). Plan the renewal now — the tool flags ≤30, ≤14, ≤7 and ≤3 days. |
| Invalid | The certificate can't be trusted as-is — it's expired, not yet valid, doesn't match the domain, is self-signed, or its chain is broken. Visitors will see a warning. |
| Message | What it means |
|---|---|
| Expired | The certificate's end date has passed. Renew it — browsers now block the site. |
| Not yet valid | The certificate's start date is in the future, often a server clock or installation issue. |
| Hostname mismatch | The certificate is for a different domain than the one you checked — e.g. installed on the wrong host. |
| Self-signed | The certificate wasn't issued by a trusted authority, so browsers won't trust it. |
| Chain invalid | An intermediate certificate is missing or broken, so the chain to a trusted root can't be built. |
| No SSL certificate found | The domain didn't present a certificate — it may not support HTTPS at all. |
| Connection timed out | The connection timed out before the certificate could be read. |
| Connection refused | The connection was refused — HTTPS may not be enabled on this domain. |
| TLS handshake failed | The secure handshake failed, so the certificate couldn't be read. Often a protocol or cipher mismatch. |
| We couldn't find that domain | DNS lookup failed — check the spelling, or the site's DNS may be down. |
These tools are one-off checks. A Monitrova account monitors your sites continuously and emails you the moment something breaks.