How to Check SSL Certificate Expiry

Quick Answer

To check when an SSL certificate expires: Open your browser, click the padlock icon in the address bar, view certificate details, and look for the "Valid To" or "Expires" date. For automated checking across multiple regions, use ProbeOps SSL Checker at probeops.com/tools/ssl-checker which shows expiry dates from 6 global locations simultaneously.

When to Check SSL Certificate Expiry

Before purchasing or renewing a certificate to verify current status
When setting up monitoring to prevent unexpected expiration
After certificate installation to confirm correct deployment
When troubleshooting HTTPS connection errors
During security audits and compliance checks

Step-by-Step Guide

Step 1: Enter Your Domain

Navigate to the ProbeOps SSL Checker tool and enter your domain name (e.g., example.com). You don't need to include https:// - just the domain name is sufficient.

Step 2: Select Check Regions

Choose which global locations to verify the certificate from. This helps identify if different CDN edges or load balancers are serving different certificates. Available regions include US East, US West, EU Central, AP South, Canada, and Australia.

Step 3: Review Certificate Details

The results show the certificate's "Valid From" and "Valid To" dates, issuer information, subject details, and the complete certificate chain. The expiry countdown shows days remaining.

Step 4: Set Up Expiry Alerts

Configure automated monitoring to receive email notifications 30, 14, and 7 days before expiration. This prevents unexpected downtime from expired certificates.

Example: Checking SSL Expiry

Input

Domain: github.com

Output

Issuer: DigiCert Inc, Valid From: 2024-03-15, Valid To: 2025-03-14, Days Until Expiry: 127, Certificate Chain: Valid (3 certificates), TLS Version: 1.3, Cipher Suite: TLS_AES_128_GCM_SHA256

Alternative Methods

Browser Method

Click the padlock icon in Chrome/Firefox address bar, select "Connection is secure", then "Certificate is valid" to view expiry details.

OpenSSL Command Line

Run: openssl s_client -connect example.com:443 -servername example.com 2>/dev/null | openssl x509 -noout -dates

This outputs notBefore and notAfter dates for the certificate.

Common Pitfalls

Problem: Certificate shows valid but browser shows error

Fix: The certificate chain may be incomplete. Check that intermediate certificates are properly installed on your server.

Problem: Different expiry dates from different locations

Fix: Your CDN or load balancer may have outdated certificates cached. Purge the CDN cache or restart edge servers to pick up the new certificate.

Problem: Certificate renewed but old one still showing

Fix: DNS propagation or CDN caching may be serving stale content. Wait for TTL expiration or manually purge caches.

Related Tools

SSL Certificate Checker - Verify SSL certificates from multiple regions
SSL Expiry Checker - Focused certificate expiration monitoring
TLS Version Checker - Verify TLS 1.2/1.3 support

API Access

Automate SSL expiry checks via the ProbeOps REST API. See theAPI documentation for integration guides and examples.

Guides/How to Check SSL Certificate Expiry

How to Check SSL Certificate Expiry

Prevent website downtime by monitoring when your SSL/TLS certificates expire. Learn multiple methods to check certificate validity.

Quick Answer

To check SSL certificate expiry: Click the padlock icon in your browser's address bar and view certificate details, or use ProbeOps SSL Checker to see expiry dates from 6 global locations simultaneously. The certificate's 'Valid To' field shows the expiration date.

When to Use This

Before purchasing or renewing a certificate to verify current status
When setting up monitoring to prevent unexpected expiration
After certificate installation to confirm correct deployment
When troubleshooting HTTPS connection errors or warnings
During security audits and compliance checks

Step-by-Step Guide

Enter Your Domain

Go to the ProbeOps SSL Checker and enter your domain name (e.g., example.com). No need to include https:// prefix.

Select Check Regions

Choose global locations to verify the certificate from. This helps identify if different CDN edges serve different certificates.

Review Certificate Details

Check the "Valid To" date for expiration. Results include issuer info, certificate chain validation, and TLS version.

Set Up Expiry Alerts (Optional)

Configure automated monitoring to receive notifications 30, 14, and 7 days before expiration to prevent downtime.

Example: Checking github.com SSL Expiry

Input

github.com

Output

Certificate Status: Valid ✓ Issuer: DigiCert Inc Valid From: March 15, 2024 Valid To: March 14, 2025 Days Until Expiry: 127 days Certificate Chain: Complete (3 certs) TLS Version: 1.3 Key Size: 256-bit ECDSA

Common Pitfalls & Quick Fixes

Problem: Certificate shows valid but browser displays security error

Fix: The certificate chain is likely incomplete. Ensure intermediate certificates are installed on your server. Use the chain validation feature to identify missing certificates.

Problem: Different expiry dates reported from different locations

Fix: Your CDN or load balancer may have outdated certificates cached. Purge CDN cache or restart edge servers to deploy the updated certificate globally.

Problem: Renewed certificate but old expiry date still showing

Fix: DNS propagation or browser caching may be serving stale data. Clear browser cache, wait for DNS TTL expiration, or check with incognito mode.

Try it yourself

Use our free SSL Checker to run these checks from 6 global locations.

Open SSL Checker

View API Docs

Related Guides

Check SSL Certificate Expiry

DNS Propagation Troubleshooting

How to Read Traceroute Results

Check if Ports are Open