Free SSL Certificate Checker
Check your SSL/TLS configuration, HTTPS redirect, HSTS preload readiness, mixed content, and certificate transparency.
What Is SSL/TLS?
SSL (Secure Sockets Layer) and its successor TLS (Transport Layer Security) encrypt the connection between a visitor's browser and your web server. When properly configured, SSL/TLS ensures that sensitive data — passwords, credit card numbers, personal information — cannot be intercepted by attackers on the network.
An SSL certificate proves your website's identity and enables HTTPS. Browsers display a padlock icon for sites with valid certificates and show warnings for expired or misconfigured ones.
What Does This Tool Check?
- HTTPS Redirect — Does your site force visitors from HTTP to HTTPS?
- HSTS Header — Is HTTP Strict Transport Security enabled with a strong max-age?
- HSTS Preload — Is your HSTS configuration ready for browser preload lists?
- Mixed Content — Are any resources loaded over insecure HTTP on HTTPS pages?
- Certificate Transparency — Are wildcard certificates in use that increase risk?
Why SSL Matters for SEO
Google has used HTTPS as a ranking signal since 2014. Sites without SSL certificates may rank lower in search results and display "Not Secure" warnings in Chrome, which increases bounce rates. A properly configured SSL certificate is table stakes for any modern website.
Common SSL Issues
Expired certificates — Let's Encrypt certificates expire every 90 days. Missing a renewal causes browser warnings and blocks visitors.
Missing HTTPS redirect — If HTTP traffic isn't redirected to HTTPS, some visitors browse your site unencrypted.
Mixed content — Loading images, scripts, or stylesheets over HTTP on an HTTPS page undermines encryption and triggers browser warnings.
Weak HSTS — Without HSTS (or with a short max-age), returning visitors can be downgraded to HTTP via man-in-the-middle attacks.