SSL/TLS Test
Grade any server's TLS configuration from A+ to F — protocols, cipher strength, certificate chain and HSTS, using the same grading methodology as SSL Labs. Results in seconds, with a shareable link.
Open the SSL test
Free Tools
Free tools for TLS and certificates
Quick, no-signup utilities for everyday SSL and TLS jobs — grade a server, decode a certificate, and more on the way. Built by the team behind CertControl, and free to use.
No account required · EU hosted · No data stored
Certificate Decoder
Paste a PEM certificate or a full chain and read exactly what's inside: subject, issuer, Subject Alternative Names, validity, key, signature and fingerprints. Nothing is stored.
Open the decoderCSR Decoder
Paste a Certificate Signing Request and read what you're about to send to a CA — subject, SANs, key, signature, and whether it verifies.
Open the CSR decoderCertificate Chain Checker
Paste a chain and check it's in the right order, each link verifies, nothing's expired, and it builds to a trusted root.
Open the chain checkerDNS Lookup
Look up A, AAAA, MX, NS, TXT, SOA and CAA records for a domain — and check its SPF and DMARC email policy.
Open the DNS lookupCAA Checker
See which Certificate Authorities are allowed to issue certificates for a domain — and whether CAA is set at all.
Open the CAA checkerSecurity Headers & HSTS
Check a site's HTTP security headers — HSTS (incl. preload eligibility), CSP, X-Frame-Options and more.
Open the headers checkerMore on the way
We keep adding tools for the everyday TLS and certificate jobs. Got one you'd like to see?
Suggest a tool
Why we build these
A free check is a snapshot. Real control is continuous.
These tools answer one question, for one host, right now. That's genuinely useful — but a certificate that's perfect today expires next quarter, and the host you forgot to check is the one that takes a service down. CertControl does what these tools do for every certificate you own — automatically and continuously, with alerts before anything breaks.