An SSL (Secure Sockets Layer) certificate is a digital certificate that authenticates a website's identity and enables an encrypted connection. It protects sensitive data transmitted between the user's browser and the web server.
Understanding the Grade Rating
A+ - Exceptional security configuration. All best practices followed.
A - Strong security with minor areas for improvement.
B - Good security but some deprecated features in use.
C - Adequate security with notable vulnerabilities.
F - Critical security issues requiring immediate attention.
Key Terms Explained
TLS (Transport Layer Security) - The modern successor to SSL, providing encrypted connections.
Cipher Suite - A set of algorithms that secure network connections.
HSTS - Forces browsers to use HTTPS only, preventing downgrade attacks.
Perfect Forward Secrecy (PFS) - Ensures session keys aren't compromised even if private keys are.
SAN (Subject Alternative Name) - Lists all domains covered by the certificate.
Browser Limitations
Due to browser security restrictions, JavaScript cannot directly access SSL certificate details from servers. This tool provides:
Educational information about SSL/TLS configuration
Best practices comparison
Simulated analysis based on domain patterns
Guidance for manual certificate verification
For production use, SSL checking should be done via server-side APIs or command-line tools like OpenSSL.
When to Renew
We recommend renewing SSL certificates:
At least 30 days before expiration
Immediately if security vulnerabilities are discovered