SSL Certificate Decoder
Decode and inspect SSL/TLS X.509 certificates from PEM or DER. View subject, issuer, validity, SAN, fingerprints. Runs in your browser.
Subject
Issuer
Valid from
Valid to
Serial number
Signature algorithm
Public key algorithm
Subject Alternative Names
Fingerprint
Reference
What is an X.509 certificate?
An X.509 certificate binds a public key to an identity (a domain, organization, or person), signed by a Certificate Authority (CA). Certificates are typically encoded in PEM (Base64-wrapped) or DER (binary) format. Important fields: Subject (who the cert is for), Issuer (who signed it), Validity, and SAN (subject alternative names) for multi-domain certs.
Common uses
- Cert audit — check expiry and SAN entries.
- Debugging TLS — verify the right certificate is served.
- Pinning — extract SHA-256 fingerprints for cert pinning.
- Internal CAs — inspect self-signed or private CA certs.
Privacy
All decoding runs 100% in your browser. No data is sent to any server.