Pricing

Pay per event

SSL Certificate Checker

SSL Certificate Checker connects to domains over TLS and inspects their SSL certificates. It returns structured data about certificate validity, expiry, issuer chain, TLS protocol version, cipher suite, and a security grade from A+ to F.

Pricing

Pay per event

Rating

0.0

(0)

Developer

Stas Persiianenko

Actor stats

Bookmarked

Total users

Monthly active users

a day ago

Last modified

What does SSL Certificate Checker do?

SSL Certificate Checker connects to domains over TLS and inspects their SSL certificates. It returns structured data about certificate validity, expiry, issuer chain, TLS protocol version, cipher suite, and a security grade from A+ to F.

Use it to monitor certificate expiry across your domains, audit SSL configuration, verify certificate chains, or build alerts before certificates expire.

Use cases

Certificate expiry monitoring -- schedule weekly runs to catch expiring certificates before they cause downtime and browser warnings
Security auditing -- verify SSL configuration, TLS version, and cipher suites across your infrastructure
Vendor assessment -- check the SSL posture of third-party services and SaaS providers your organization depends on
Compliance reporting -- generate certificate reports for PCI-DSS, SOC 2, or internal security policy requirements
Migration verification -- confirm that certificate chains are valid after moving to new hosting or CDN providers

Why use SSL Certificate Checker?

Security grading -- A+ to F grade based on certificate validity, TLS version, and configuration gives you an instant overview
Expiry monitoring -- days until expiry with severity levels (critical < 7 days, warning < 30 days) so you can prioritize action
Certificate chain -- full chain from leaf to root CA for debugging trust issues
Protocol details -- TLS version and cipher suite reported for each domain
Bulk checking -- process hundreds of domains in a single run
URL cleaning -- paste full URLs; protocols, paths, and www. are stripped automatically

Input parameters

Parameter	Type	Required	Default	Description
`domains`	array	Yes	--	List of domain names to check. URLs are automatically cleaned (https://example.com/path becomes example.com). Duplicates are removed.

Example input

{
    "domains": ["apify.com", "google.com", "expired.badssl.com"]
}

Output example

Each domain produces one record with:

Field	Description
`domain`	The checked domain
`isValid`	Whether the certificate is trusted and not expired
`grade`	Security grade: A+, A, B, C, D, or F
`certificate`	Certificate details (subject, issuer, expiry, SANs, fingerprints)
`chain`	Certificate chain from leaf to root
`protocol`	TLS protocol version (e.g. TLSv1.3)
`cipher`	Cipher suite name
`issues`	Array of security issues with severity levels
`checkTimeMs`	Check duration in milliseconds
`error`	Error message if check failed
`checkedAt`	ISO timestamp

{
    "domain": "apify.com",
    "isValid": true,
    "grade": "A+",
    "certificate": {
        "subject": "CN=apify.com",
        "issuer": "CN=E6, O=Let's Encrypt, C=US",
        "validFrom": "2026-01-15T00:00:00.000Z",
        "validTo": "2026-04-15T00:00:00.000Z",
        "daysUntilExpiry": 45,
        "subjectAltNames": ["apify.com", "*.apify.com"]
    },
    "chain": [
        { "subject": "CN=E6, O=Let's Encrypt, C=US", "issuer": "CN=ISRG Root X2, O=Internet Security Research Group, C=US" }
    ],
    "protocol": "TLSv1.3",
    "cipher": "TLS_AES_256_GCM_SHA384",
    "issues": [],
    "checkTimeMs": 120,
    "error": null
}

How much does it cost?

SSL Certificate Checker uses Apify's pay-per-event pricing. You only pay for what you use.

Event	Cost
Run start	$0.035
Per domain checked	$0.001

Cost examples:

5 domains: $0.035 + 5 x $0.001 = $0.04
100 domains: $0.035 + 100 x $0.001 = $0.135
1,000 domains: $0.035 + 1,000 x $0.001 = $1.035

Using the Apify API

You can start SSL Certificate Checker programmatically using the Apify API. Replace YOUR_TOKEN with your Apify API token.

Node.js

import { ApifyClient } from 'apify-client';

const client = new ApifyClient({ token: 'YOUR_TOKEN' });
const run = await client.actor('automation-lab/ssl-certificate-checker').call({
    domains: ['apify.com', 'google.com'],
});
const { items } = await client.dataset(run.defaultDatasetId).listItems();
console.log(items);

Python

from apify_client import ApifyClient

client = ApifyClient('YOUR_TOKEN')
run = client.actor('automation-lab/ssl-certificate-checker').call(run_input={
    'domains': ['apify.com', 'google.com'],
})
items = client.dataset(run['defaultDatasetId']).list_items().items
print(items)

Integrations

Connect SSL Certificate Checker with other tools using Apify integrations. Set up webhooks to get alerts when certificates are about to expire. Export results to Google Sheets for infrastructure tracking, send Slack notifications when grades drop below a threshold, trigger Make or Zapier workflows for automated certificate management, or push data to n8n for custom monitoring pipelines.

Grading scale

Grade	Description
A+	Excellent -- TLS 1.3, valid certificate, strong cipher, long validity
A	Good -- valid certificate, modern TLS, minor configuration gaps
B	Fair -- valid certificate but older TLS version or weaker cipher
C	Below average -- certificate issues or outdated protocol
D	Poor -- significant problems such as weak ciphers or short validity
F	Failing -- expired, self-signed, untrusted, or unreachable

Tips and best practices

Monitor expiry -- schedule weekly runs to catch certificates before they expire and cause downtime.
Test with badssl.com -- use expired.badssl.com, self-signed.badssl.com to verify detection works as expected.
Grade interpretation -- A+ means TLS 1.3, trusted, long validity. F means expired, untrusted, or connection failed.
Filter by daysUntilExpiry to prioritize domains that need immediate attention (under 30 days).
Combine with HTTP Headers Security Checker for a complete security audit covering both certificate health and header configuration.

FAQ

What security grades are possible? Grades range from A+ (excellent -- TLS 1.3, valid certificate, strong cipher) down to F (expired, self-signed, or unreachable). The grading considers TLS version, certificate validity, chain completeness, and cipher strength.

Can I check internal or private domains? The actor connects to domains over the public internet. Internal domains that are not publicly reachable cannot be checked.

Does it check for certificate transparency logs? The actor focuses on certificate validity, chain verification, and TLS configuration. Certificate transparency log checking is not currently included.

SSL Certificate Checker

scrappy_garden/ssl-certificate-checker

Check SSL/TLS certificates for any website: expiration date, issuer, subject, hostname match (SNI), chain/authorization status, and common HTTPS misconfigurations. Useful for SEO audits, security checks, and uptime monitoring.

Bikram Adhikari

SSL Certificate Checker

nexgendata/ssl-certificate-checker

Check SSL/TLS certificates for any domain — expiration dates, issuer, protocol versions, and security grade. Monitor certificate health across your infrastructure.

Stephan Corbeil

Ssl Certificate Checker

consummate_mandala/ssl-certificate-checker

Ssl Certificate Checker. Automated analysis with detailed reports and actionable insights. Fast, accurate, and scalable.

Donny Nguyen

Ssl Certificate Checker

urban_quidnunc/ssl-certificate-checker

Donny

Check Ssl Certificate — Expiry, Issuer & Security Grade

tropical_quince/ssl-certificate-checker

Check ssl certificate data at scale with this powerful Apify actor. Extracts expiry, issuer & security grade with automatic pagination and proxy rotation. Perfect for market research, competitive intelligence, and data-driven decision making.

Donny Nguyen

DNS Lookup | Scrape Domain Records & Security Intelligence

datascoutapi/dns-lookup

DNS lookup scrapes 22 data points including 10 DNS records (A, AAAA, MX, TXT, NS, CNAME, SOA, SRV, PTR, CAA) + email security analysis ( SPF/DKIM/DMARC), SSL certificate checker, domain monitoring. Processes 100 domains per batch with security scoring.

halam

Bulk SSL Certificate Expiry DNS Monitor

logiover/bulk-ssl-certificate-expiry-dns-monitor

Check SSL certificate validity and expiration (days left, issuer, valid from/to) plus DNS A/MX resolution for thousands of domains. Fast, no browser, export-ready JSON/CSV. Ideal for agencies, SEO audits, DevOps monitoring and compliance.

Logiover

Website Accessibility AI Audit

consummate_mandala/website-accessibility-ai-audit

AI-powered WCAG accessibility audit for websites. Extract violations, severity, element selectors, and fix suggestions.

Donny Nguyen

n8n & Make Integration Templates

automation-lab/n8n-make-integration-templates

Generate ready-to-import workflow templates for n8n and Make.com. Covers monitoring (uptime, broken links, changes), SEO audits, security checks, and lead generation scenarios using Apify utility actors.

Stas Persiianenko

HTTP Headers Security Checker

automation-lab/http-headers-security-checker

This actor checks 12 HTTP security headers for any list of websites and produces a security grade with actionable findings. It identifies missing headers, weak configurations, and provides specific recommendations. Use it for security audits, compliance checks, or monitoring your web...

Stas Persiianenko