SSL Certificate Decoder
Create your CSR and Private Key for your SSL with our free generator tool.
Convert and create PFX / PKCS12 files from your PEM Certificate and Key.
Check and verify your SSL Certificate has been installed correctly.
Decode and view all the information within a CSR to verify it is correct.
Run our free website security checker on your website.
Decode your SSL Certificate and view all contained information to verify.
Check to make sure your SSL matches your CSR and Private Key.
Our team of experts can install your new SSL Certificate for you.
Use our free SSL cert decoder to view the details of your new SSL Certificates and verify they have been issued correctly with all your required values. Paste your Certificate PEM file contents into the field below, a
New and More Secure!
Buy Cheap SSL/TLS Certificates
Secure your website or service with our low priced SSL Certificates.
Lowest price at only $ per year.
Or buy a Wildcard SSL for only $ per year.
Frequently Asked Questions
An SSL/TLS Certificate mainly contains the following information. It may include additional fields, but these are the most common.
- Domain Name: Specific domain the certificate is issued for.
- Subject: Identity of the certificate owner (organisation name and location).
- Issuer: Information about the Certificate Authority (CA).
- Public Key: Public key is used for encrypting data sent to the website.
- Serial Number: Unique number assigned by the CA.
- Validity Period: Timeframe during which the certificate is valid.
- Signature Algorithm: Algorithm used by the CA to sign the certificate.
- Signature: Digital signature of the issuing CA.
- Subject Alternative Name (SAN): Optional field for multiple domain names or subdomains.
An SSL certificate file, when viewed as plain text, is encoded in a format known as PEM (Privacy-Enhanced Mail), which is a Base64 encoded DER certificate enclosed between "-----BEGIN CERTIFICATE-----" and "-----END CERTIFICATE-----" lines.
Here's an example:-----BEGIN CERTIFICATE----- MIIH4DCCBkigAwIBAgIQA7aNVXx/DVilNYtsJnpYnzANBgkqhkiG9w0BAQsFADBG MQswCQYDVQQGEwJBVTEQMA4GA1UEChMHVmVyb2tleTElMCMGA1UEAxMcVmVyb2tl eSBWZXJpZmllZCBCdXNpbmVzcyBHMjAeFw0yMzA1MTEwMDAwMDBaFw0yNDA1MTEy MzU5NTlaMGgxCzAJBgNVBAYTAkFVMRgwFgYDVQQIEw9OZXcgU291dGggV2FsZXMx DzANBgNVBAcTBkdvcmRvbjEQMA4GA1UEChMHVmVyb2tleTEcMBoGA1UEAxMTd3d3 LnNzbHRydXN0LmNvbS5hdTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB pW/Kw4mTshKwoIDog7p8KEE4hB/N0/lp/ir3HZAZV4znByapB26U/ee+cFR8fGix cKGcgfGlMEHVy6DGWQ//FlJK8wh1ahFCQ/e759DJERNfwQwdtHHzrRZlnNVVBiaY WJ6RKF+fbVuGwBppqyhQHdYPDDGtZ/sXcQcA9j4RVfUqCKS1j0SJ2crLbCibQLzK 3YpuEdTRBYIopwB1mBQlLfs1qUX7tfPG77iilZ5Vdqbk8RxcuzIf6qJQeCYukx+7 7AEdeqZn9xI+GFNklCerzIACs2Op5XmB0HPUZ13+OWy/1bQee3kQlDhZT97DIbzr lWXiXw== -----END CERTIFICATE-----
There are several reasons why you might want to decode your SSL Certificate, such as:
- Verifying Certificate Details: Confirm the certificate’s subject, issuer, and validity period to ensure everything is correct.
- Checking Expiration Dates: Identify when the certificate expires so you can renew before it becomes invalid.
- Troubleshooting Issues: Diagnose potential problems by reviewing detailed certificate information, such as the signature algorithm or certificate chain.
- Ensuring Proper Configuration: Make sure the certificate matches the domain and the server setup, reducing the risk of browser warnings or errors.
No, when you decode your SSL Certificate, it only reveals information that is already public (for example, it reveals the public key but does not contain private key details, which are hosted on your server and not in the certificate).
For your added peace of mind, our SSL decoder does not submit any information to our servers and operates entirely within your browser.
Yes, you can use our SSL cert decoder to decode any SSL Certificate, regardless of whether it’s expired or revoked. However, you should be aware that an expired or revoked certificate will no longer be valid for securing your website. Learn more about what happens when a certificate expires.
If the details in the decoded certificate are incorrect (for example, the wrong domain or organisation name is listed), you’ll need to get the certificate reissued by your chosen Certificate Authority (CA). You’ll typically need to generate a new CSR with the corrected details and follow the CA’s validation process again.
If your certificate details are wrong and you’re unsure what to do, contact our SSL experts. We’re here to help!