SSL Certificate Decoder

Paste any PEM-encoded certificate to instantly decode all X.509 fields — subject, issuer, SANs, validity dates, fingerprints, public key details, and extensions.

Use it to debug certificate errors, verify a cert covers the right domains, check expiry dates, audit what a CA issued, or simply understand what's inside a certificate file you've received.

Paste Certificate (PEM format)

Paste a single certificate or a full chain (multiple PEM blocks). Results get a permanent, shareable URL.

How do I get a certificate in PEM format?

A PEM certificate is a Base64-encoded block starting with -----BEGIN CERTIFICATE-----. Common ways to get one:

  • openssl openssl s_client -connect example.com:443 -showcerts </dev/null 2>/dev/null | openssl x509
  • browser Click the padlock → Certificate → Details → Export as PEM/CER (rename extension to .pem and open in a text editor)
  • file If you have a .crt, .cer, or .pem file, open it in a text editor — if it starts with -----BEGIN, paste it directly here.

Instant parsing

All fields decoded server-side using PHP's OpenSSL extension against the published X.509 spec.

Shareable results

Every decoded certificate gets a permanent URL you can bookmark or share with your team.

Chain support

Paste a full certificate chain (leaf + intermediates) and each certificate is decoded separately.