SSL/TLS Grade Checker
Verify your website's encryption standards. Our scanner analyzes your certificate chain, key strength, and validity to generate a comprehensive security grade.
Analyzes Certificate Validity, Key Strength (RSA/ECDSA), and Trust Chain.
Analyzing SSL Configuration...
We are retrieving the certificate chain and verifying cryptographic strength.
Calculating trust score...
SSL Report Card
domain.com
Issued by: -
Certificate Details
Resolved Servers
| Server IP | Status | Grade |
|---|
The SERPInsight SSL/TLS Grade Checker
SSL (Secure Sockets Layer) and its successor TLS (Transport Layer Security) are the standard technologies for keeping an internet connection secure. They safeguard sensitive data being sent between two systems, preventing criminals from reading and modifying any information transferred, including potential personal details.
A valid certificate is now a requirement for modern SEO. Search engines like Google label non-HTTPS sites as "Not Secure," which can drastically increase bounce rates. Our tool performs a deep handshake analysis to ensure your certificate is valid, trusted, and using modern cryptographic standards.
How our tool works
-
1
Handshake Emulation
We initiate a secure connection to your server (port 443) just like a web browser does, capturing the certificate chain.
-
2
Deep Inspection
We parse the X.509 certificate data to extract details about the issuer, validity period, and cryptographic key strength (RSA/ECDSA).
-
3
Trust Scoring
We verify that the certificate is not self-signed, has not expired, and uses strong keys (2048-bit+) to assign a letter grade.
Understanding SSL Metrics
Ensures the certificate is currently active and not expired. Modern best practices suggest renewing certificates every 60-90 days.
The size of the cryptographic key used to encrypt data. 2048-bit is the modern standard for RSA keys; anything less is considered insecure.
Verifies that the certificate was issued by a trusted Certificate Authority (CA) like Let's Encrypt or DigiCert, and not "Self-Signed".
The mathematical function used to sign the certificate. SHA-256 is the standard. Older algorithms like SHA-1 are vulnerable and rejected.
The primary domain name associated with the certificate. This must match the URL in the browser address bar exactly to avoid warnings.
Server Name Indication allows multiple secure websites to be served from the same IP address. It is required for modern hosting environments.
How We Calculate Your Grade
Our algorithm assigns points based on the strength and validity of your encryption.
Scoring Weights
- Validity > 60 Days +20 pts
- Key Size ≥ 2048 bit +40 pts
- Trusted Issuer (CA) +40 pts
- Weak Key (< 2048 bit) -50 pts
- Expired / Self-Signed Auto F
Pro Tip: To maintain an A Grade, ensure your certificate is automatically renewed (e.g., via Certbot) at least 30 days before expiration.
Frequently Asked Questions
What is an SSL Certificate?
Why did I get an F grade?
Does SSL affect SEO rankings?
Why use our SSL Checker?
Fast, accurate, and free security diagnostics.
Instant Analysis
Get real-time feedback on your server's security handshake without installing any software or command-line tools.
Multi-Server Support
We resolve and list all IP addresses associated with your domain to check consistency across Load Balancers and CDNs.
Deep Inspection
We analyze hidden details like signature algorithms (SHA-256) and key bits (2048 vs 4096) to ensure modern compliance.
Free & Private
No sign-up required. Your searches are processed securely and we do not store your data or search history.