Free SSL Certificate & Security Checker — TLS, Ciphers, HSTS and Security Headers

Our SSL and security checker connects directly to your website and inspects the live SSL certificate, TLS version, cipher suite, certificate authority chain, validity dates and all HTTP security headers — returning a comprehensive security grade from A+ to F. Ideal for sysadmins verifying new certificate installations, developers hardening web applications, and IT managers auditing hosted services.

What We Check

• SSL Certificate — Subject, issuer, root CA, validity dates, days to expiry, SANs (Subject Alternative Names), serial number and SHA-256 fingerprint
• TLS Protocol — Whether TLS 1.3 or 1.2 is negotiated, and the cipher suite in use
• HSTS — Whether HTTP Strict Transport Security is configured, with max-age, includeSubDomains and preload status
• Content Security Policy — Whether a CSP header is present to protect against XSS
• Clickjacking Protection — X-Frame-Options header prevents your site being embedded in malicious iframes
• Server Disclosure — Whether the server reveals its version information to attackers
• Additional Headers — Referrer-Policy, Permissions-Policy, Cross-Origin-Opener-Policy

How the Security Grade Works

The grade is based on a 100-point scoring system. HTTPS and a valid certificate are the foundation (30pts). TLS 1.3 (10pts), HSTS (15pts), CSP (10pts), X-Frame-Options (10pts) and additional headers make up the rest. A score of 90+ earns A+, 75+ earns A, 60+ earns B, 45+ earns C, 25+ earns D.