🔐

SSL Certificate Decoder — Expiry & SAN Inspector

Decode X.509 SSL/TLS certificates and RSA private keys in your browser. View subject, issuer, SANs, validity dates, key type, serial number, and SHA-256/SHA-1 fingerprints. Optionally check if a certificate and private key match.

ValidatorsDevOps & Infrastructure
Loading tool...

How to Use SSL Certificate Decoder — Expiry & SAN Inspector

How to Use SSL Certificate & Key Decoder

Certificate Tab

Step 1: Paste Your PEM Certificate

Copy the contents of your .crt, .cer, or .pem file and paste it into the Certificate input, including the -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- headers.

You can get the PEM from:

  • A .crt or .pem file on your server
  • OpenSSL: openssl s_client -connect example.com:443 < /dev/null | openssl x509 -out cert.pem
  • Your browser: click the padlock → Certificate → copy the PEM

Step 2: Click Decode Certificate

The tool decodes and displays:

  • Subject — CN, Organisation, Country, and other fields
  • Issuer — the certificate authority that signed this cert
  • Validity — Not Before / Not After dates with an expiry badge
  • Key Info — key type (RSA/EC), key size in bits
  • SANs — all DNS names, IPs, and email addresses this cert covers
  • Fingerprints — SHA-256 and SHA-1 fingerprints for verification
  • Flags — Self-Signed and CA Certificate badges where applicable

Private Key Tab

Step 1: Paste Your PEM Private Key

Paste an RSA private key in PKCS#1 (-----BEGIN RSA PRIVATE KEY-----) or PKCS#8 (-----BEGIN PRIVATE KEY-----) format.

Step 2: Click Decode Private Key

The tool shows key type, size, and a SHA-256 fingerprint of the derived public key.

Certificate & Key Match

If you have decoded both a certificate and a private key, a Check Match button appears. Click it to verify that the certificate was issued for that private key — the tool compares the public key fingerprint from the certificate against the one derived from the private key.

Tips

  • Certificates with no SANs are rejected by modern browsers — the CN field alone is not sufficient
  • Use Landscape orientation for wide tables
  • A SHA-256 fingerprint mismatch after renewal means the key was rotated — update both cert and key on the server

Frequently Asked Questions

Most Viewed Tools

📺

Screen Size Converter — Diagonal Dimension Tool

5,992 views

Calculate screen width and height from diagonal size and aspect ratio. Convert between inches and centimeters for displays, TVs, and monitors with instant dimension calculations.

Use Tool →
🖨️

DPI Calculator — Print Resolution Tool

3,898 views

Calculate DPI (dots per inch), image dimensions, and print sizes. Convert between pixels and physical dimensions for printing and displays.

Use Tool →
🔐

TOTP Code Generator — 2FA Testing Tool

3,613 views

Generate time-based one-time passwords from a TOTP secret key. Enter your base32 secret, choose a period and digit length, and get the current and next codes with a live countdown timer. Useful for testing and debugging 2FA integrations.

Use Tool →
{}

JSONL Formatter — Line-by-Line Validator

3,609 views

Format, validate, and inspect JSON Lines (JSONL) and NDJSON files. Validates each line individually, reports parse errors by line number, outputs compact JSONL or a pretty-print preview, and lets you download the cleaned file.

Use Tool →
{ }

JSON to Zod — Schema Generator

3,494 views

Generate Zod validation schema code from a JSON sample object. Infers z.string(), z.number(), z.boolean(), z.array(), z.object(), and z.null() types automatically. Handles nested objects, arrays of objects with optional field detection, and outputs copy-ready TypeScript with import and z.infer type alias.

Use Tool →
🔑

Password Entropy Calculator — Crack Time Estimator

3,294 views

Calculate the information-theoretic bit entropy of any password or API key. Detects character set pools automatically, shows the total number of possible combinations, and estimates crack time across five attack scenarios from rate-limited web logins to GPU cracking clusters.

Use Tool →
🔐

TLS Cipher Suite Checker — Strength Analyzer

3,284 views

Check TLS protocol version compatibility and cipher suite strength ratings against current best practices. Supports IANA and OpenSSL cipher names — rates each suite as Strong, Weak, or Deprecated and explains why.

Use Tool →
🔍

Secret Scanner — API Key & Credential Detector

3,016 views

Scan pasted text, code, or config files for accidentally exposed API keys, tokens, passwords, and private keys. Detects 50+ secret types across AWS, GitHub, Stripe, OpenAI, and more — all client-side, nothing leaves your browser.

Use Tool →

Related DevOps & Infrastructure Tools

🌐

DNS Record Validator — Live Lookup Tool

Look up live DNS records for any domain. Query A, AAAA, MX, TXT, CNAME, NS, SOA, and CAA records instantly via Cloudflare DNS-over-HTTPS — no installation required.

Use Tool →
🤖

robots.txt Validator — Crawl Rule Checker

Validate your robots.txt file against the Robots Exclusion Protocol. Checks directive syntax, path formats, Crawl-delay values, and Sitemap URLs. Previews crawl rules per user-agent group. Free and runs entirely in your browser.

Use Tool →
🐋

Dockerfile Linter — Optimize & Secure Your Container Builds

Lint Dockerfile instructions for best practices, security issues, and layer optimization. Flags unpinned base images, root user, ADD vs COPY, apt-get mistakes, shell-form CMD, and more — with fix guidance for each issue.

Use Tool →
🔍

User Agent Parser — Browser & Device Decoder

Parse user agent strings to extract browser, operating system, device, and engine information. Essential for web analytics, device detection, and browser compatibility testing.

Use Tool →
📋

API Response Formatter — JSON Pretty Printer

Format and beautify API responses for better readability. JSON formatter with minify and prettify options.

Use Tool →
🍪

Cookie Parser — HTTP Cookie Decoder

Parse HTTP cookie strings into readable key-value pairs. Decode URL-encoded values and inspect cookies from browser requests.

Use Tool →
🔗

Query String Parser — URL Parameter Decoder

Parse URL query strings into readable key-value pairs. Decode parameters and inspect URL search queries with ease.

Use Tool →
⚙️

GitHub Actions Validator — Workflow Syntax & CI/CD Security Audit

Validate GitHub Actions workflow YAML for syntax errors, missing required fields, deprecated commands, mutable action refs, outdated action versions, and broken job dependencies. Get per-job results with fix hints in real time.

Use Tool →

Share Your Feedback

Help us improve this tool by sharing your experience

We will only use this to follow up on your feedback