SSL Certificate Expiry Calculator

Enter a domain name and port to calculate the days remaining until your SSL/TLS certificate expires. Provide your certificate issue date and expiry date manually if you know them, and this tool will show you the days until expiry, total certificate validity period, and percentage of validity used — so you can plan renewals before downtime hits.

Optional — enter for reference. Use the dates below to calculate expiry.

Default HTTPS port is 443

Results

Days Until Expiry

--

Expiry Date

--

Total Validity Period

--

Days Elapsed

--

Validity Used

--

Validity Remaining

--

Frequently Asked Questions

What is an SSL certificate expiry date?

An SSL/TLS certificate is issued for a fixed validity period — typically 90 days (for free certificates like Let's Encrypt) or up to 1–2 years for paid certificates. The expiry date is when the certificate becomes invalid, causing browsers to show security warnings to your visitors. Renewing before this date is critical to maintaining trust and uptime.

How do I find my SSL certificate's issue and expiry dates?

In most browsers, click the padlock icon in the address bar next to your site's URL, then select 'Certificate' or 'Connection is secure' to view certificate details. You'll find the 'Valid From' (issue date) and 'Valid To' (expiry date) listed there. You can also use command-line tools like OpenSSL: `openssl s_client -connect yourdomain.com:443`.

How many days before expiry should I renew my SSL certificate?

It's best practice to renew your SSL certificate at least 30 days before its expiry date. For automated systems like Let's Encrypt with Certbot, renewal is typically triggered 30 days out. Waiting until the last moment risks service disruption if renewal fails or is delayed.

What happens if my SSL certificate expires?

When an SSL certificate expires, browsers will immediately display a security warning to visitors — often a full-page alert saying the connection is not secure. This breaks user trust, can cause a significant drop in traffic, and may affect your site's SEO rankings. E-commerce sites can also lose sales and face compliance issues.

What port should I use for SSL certificate checks?

The standard port for HTTPS is 443, which is used by the vast majority of websites. If your server uses a non-standard port (e.g. 8443 for development environments, or 465 for SMTPS), enter that port number instead. When in doubt, 443 is almost always correct for public-facing web servers.

What is the difference between DV, OV, and EV SSL certificates?

DV (Domain Validated) certificates only verify domain ownership and are issued quickly — often within minutes. OV (Organization Validated) certificates also verify the organization's identity, adding a layer of trust. EV (Extended Validation) certificates go through the most rigorous vetting and historically displayed a green address bar in browsers. All three provide the same level of encryption; they differ in how much identity information is verified.

How long are SSL certificates valid for?

Since September 2020, the maximum validity period for publicly trusted SSL certificates is 398 days (approximately 13 months). Free certificates from Let's Encrypt are valid for only 90 days, encouraging frequent automated renewal. Older certificates issued before these rules may have had validity periods of 2–3 years.

Can I use this calculator to check a certificate I haven't received yet?

Yes — if you know when your certificate will be issued and for how long it will be valid, you can enter future dates to plan ahead. This is useful for forecasting renewal schedules across multiple domains or planning maintenance windows around upcoming expirations.

More Time & Date Tools