Certificate Parser
Inspect SSL/TLS certificates by pasting their PEM string. View critical security information like validity periods and encryption algorithms.
? Learn more about X.509 Certificates
What is an X.509 Certificate?
In cryptography, X.509 is a standard defining the format of public key certificates. X.509 certificates are used in many Internet protocols, including TLS/SSL, which is the basis for HTTPS (the secure protocol for browsing the web).
Key components of a certificate
- Subject: The entity (usually a domain name like `miniutils.dev`) that the certificate identifies.
- Issuer: The Certificate Authority (CA) that verified the subject and signed the certificate.
- Validity Period: The "Not Before" and "Not After" dates. If the current date is outside this range, the browser will flag the site as insecure.
- Public Key: The key used to encrypt data or verify signatures. The corresponding private key is kept secret by the owner.
- Subject Alternative Name (SAN): Allows one certificate to secure multiple domains (e.g., `*.miniutils.dev` and `miniutils.dev`).
PEM vs DER Formats
Certificates can be stored in different formats. PEM (Privacy Enhanced Mail) is the most common format; it is a Base64 encoded format that begins with `-----BEGIN CERTIFICATE-----`. DER is a binary version of the same data.
Common Use Cases
Developers use certificate parsers to debug "SSL Handshake Failed" errors, check if a certificate is about to expire, or verify that a chain of trust is correctly implemented during server setup.