# SSL Certificate Checker (`maximedupre/ssl-certificate-checker`) Actor Check SSL/TLS certificates for public domains, URLs, and host:port endpoints. Export expiry, trust, hostname match, issuer, SANs, chain, TLS, cipher, HSTS, HTTPS redirect, and issue data. - **URL**: https://apify.com/maximedupre/ssl-certificate-checker.md - **Developed by:** [Maxime Duprรฉ](https://apify.com/maximedupre) (community) - **Categories:** Developer tools, Business - **Stats:** 2 total users, 1 monthly users, 100.0% runs succeeded, 0 bookmarks - **User rating**: No ratings yet ## Pricing $0.05 / 1,000 checked endpoints This Actor is paid per event. You are not charged for the Apify platform usage, but only a fixed price for specific events. Learn more: https://docs.apify.com/platform/actors/running/actors-in-store#pay-per-event ## What's an Apify Actor? Actors are a software tools running on the Apify platform, for all kinds of web data extraction and automation use cases. In Batch mode, an Actor accepts a well-defined JSON input, performs an action which can take anything from a few seconds to a few hours, and optionally produces a well-defined JSON output, datasets with results, or files in key-value store. In Standby mode, an Actor provides a web server which can be used as a website, API, or an MCP server. Actors are written with capital "A". ## How to integrate an Actor? If asked about integration, you help developers integrate Actors into their projects. You adapt to their stack and deliver integrations that are safe, well-documented, and production-ready. The best way to integrate Actors is as follows. In JavaScript/TypeScript projects, use official [JavaScript/TypeScript client](https://docs.apify.com/api/client/js.md): ```bash npm install apify-client ``` In Python projects, use official [Python client library](https://docs.apify.com/api/client/python.md): ```bash pip install apify-client ``` In shell scripts, use [Apify CLI](https://docs.apify.com/cli/docs.md): ````bash # MacOS / Linux curl -fsSL https://apify.com/install-cli.sh | bash # Windows irm https://apify.com/install-cli.ps1 | iex ```bash In AI frameworks, you might use the [Apify MCP server](https://docs.apify.com/platform/integrations/mcp.md). If your project is in a different language, use the [REST API](https://docs.apify.com/api/v2.md). For usage examples, see the [API](#api) section below. For more details, see Apify documentation as [Markdown index](https://docs.apify.com/llms.txt) and [Markdown full-text](https://docs.apify.com/llms-full.txt). # README ### ๐Ÿ” SSL certificate checker for public HTTPS endpoints SSL Certificate Checker checks public SSL/TLS certificates for domains, full URLs, and host:port endpoints. Add targets such as [apify.com](https://apify.com), `https://expired.badssl.com`, or `www.cloudflare.com:8443`, and get one dataset row per endpoint where certificate, TLS, or HTTPS posture was observed. Use it for expiry monitoring, security audits, SEO checks, client website reviews, and portfolio health reports. The Actor returns certificate validity, expiry, trust status, hostname match, issuer, subject, serial number, SHA-256 fingerprint, SANs, certificate chain, TLS protocol, cipher, HSTS, HTTPS redirect status, and issue reasons. It does not need cookies, login, source accounts, or a certificate-monitoring API key from you. For a quick first run, keep the prefilled examples. They include common public HTTPS endpoints plus a non-443 endpoint format so you can inspect a useful dataset right away. ### โœ… What this SSL certificate checker does - Checks public HTTPS endpoints in bulk. - Accepts bare domains, full HTTPS URLs, and explicit host:port values in one input list. - Normalizes each target to a host and port before checking it. - Flags certificates that are valid, expired, expiring soon, untrusted, self-signed, hostname-mismatched, or using weak TLS evidence when observed. - Extracts issuer, subject, validity dates, serial number, SHA-256 fingerprint, SANs, and certificate-chain evidence when the endpoint serves it. - Records negotiated TLS protocol and cipher data. - Checks HTTP-to-HTTPS redirect posture and HSTS headers when available. - Saves one dataset row only when an endpoint produces usable certificate, TLS, or HTTPS posture data. The Actor is focused on practical SSL certificate monitoring. It does not run a full SSL Labs-style vulnerability scan, enumerate every supported cipher suite, guarantee OCSP or CRL checks, scan private networks, or keep a long-running alerting daemon outside normal Apify schedules, webhooks, and integrations. ### ๐Ÿ“Š Data you get Each dataset row represents one observed public endpoint result. Rows can include: | Field | Description | | --- | --- | | `target` | Original target you submitted, useful for joining exports back to your list. | | `host`, `port` | Normalized endpoint that was checked. | | `isValid` | Whether the certificate is trusted, valid for the host, and not expired. | | `isExpiringSoon`, `daysUntilExpiry` | Renewal warning status and exact days left. | | `validFrom`, `validTo` | Leaf certificate validity window. | | `hostnameMatches`, `isTrusted` | Separate hostname and trust-chain checks. | | `tlsProtocol`, `cipher` | Negotiated TLS version and cipher suite. | | `issuer`, `subject` | Leaf certificate identity data. | | `serialNumber`, `fingerprintSha256` | Stable certificate identifiers for audits. | | `subjectAlternativeNames` | SAN values served by the certificate. | | `certificateChain` | Chain subject, issuer, validity, and fingerprint evidence when served. | | `httpRedirectsToHttps`, `hsts` | Basic HTTPS deployment posture. | | `issues` | Source-backed issue codes, severity, and plain-English messages. | You can export the dataset as JSON, CSV, Excel, XML, RSS, or HTML, or use the same results through the Apify API, schedules, webhooks, and integrations. ### ๐Ÿš€ How to run it 1. Open the Actor input. 2. Add public HTTPS endpoints in **Public HTTPS endpoints**. 3. Keep **Renewal warning threshold** at `30` days, or set your own renewal window. 4. Start the Actor. 5. Open the dataset and filter by `isValid`, `isExpiringSoon`, `daysUntilExpiry`, `isTrusted`, `hostnameMatches`, or `issues`. Use domains when you only need the default HTTPS port. Use full URLs when your source list already contains URLs. Use `host:port` when you need to check a non-443 HTTPS service. ### ๐Ÿงพ Input example ```json { "targets": [ "apify.com", "google.com", "github.com", "www.cloudflare.com:8443" ], "warningThresholdDays": 30 } ```` `Public HTTPS endpoints` is the only required input. The renewal warning threshold controls when `isExpiringSoon` becomes `true`; it does not change the certificate itself. ### ๐Ÿ“ค Output example ```json { "target": "https://api.example.com:8443/health", "host": "api.example.com", "port": 8443, "isValid": true, "isExpiringSoon": false, "daysUntilExpiry": 74, "validFrom": "2025-08-03T00:00:00.000Z", "validTo": "2026-08-31T23:59:59.000Z", "hostnameMatches": true, "isTrusted": true, "tlsProtocol": "TLSv1.3", "cipher": "TLS_AES_128_GCM_SHA256", "issuer": { "commonName": "Amazon RSA 2048 M02", "organization": "Amazon", "country": "US" }, "subject": { "commonName": "*.example.com", "organization": null, "country": null }, "serialNumber": "0A1B2C3D4E5F67890123456789ABCDEF", "fingerprintSha256": "12:34:56:78:90:AB:CD:EF:12:34:56:78:90:AB:CD:EF:12:34:56:78:90:AB:CD:EF:12:34:56:78:90:AB:CD:EF", "subjectAlternativeNames": ["*.example.com", "example.com"], "certificateChain": [ { "subjectCommonName": "Amazon RSA 2048 M02", "issuerCommonName": "Amazon Root CA 1", "validFrom": "2022-08-23T22:21:28.000Z", "validTo": "2030-08-23T22:21:28.000Z", "fingerprintSha256": "AB:CD:EF:12:34:56:78:90:AB:CD:EF:12:34:56:78:90:AB:CD:EF:12:34:56:78:90:AB:CD:EF:12:34:56:78:90" } ], "httpRedirectsToHttps": true, "hsts": { "enabled": true, "maxAgeSeconds": 31536000, "includeSubdomains": true, "preload": false }, "issues": [] } ``` When an endpoint serves an expired, self-signed, untrusted, or hostname-mismatched certificate, the Actor still saves a row because that is useful observed certificate data. DNS failures, timeouts, unreachable hosts, unsupported private/internal targets, and missing TLS handshakes are logged and skipped instead of being saved as partial dataset rows. ### ๐Ÿ’ณ Pricing This Actor uses pay-per-event pricing. You are charged for each checked endpoint result that is saved to the dataset. The local pricing artifact is set to `$0.00005` per checked endpoint, or `$0.05 per 1,000` observed endpoint results. Runs with targets that cannot produce usable certificate, TLS, or HTTPS posture data do not save a result row for those targets. ### ๐Ÿ’ก Common use cases - Monitor certificate expiry across client, product, staging, and non-443 HTTPS services. - Find expired, self-signed, untrusted, or hostname-mismatched certificates before they break user journeys. - Export certificate evidence for audits, renewals, vendor reviews, SEO checks, or compliance tickets. - Check HSTS and HTTP-to-HTTPS redirect posture next to certificate health. - Schedule recurring runs in Apify and send results to webhooks, Google Sheets, BI tools, or your own API workflow. ### โš ๏ธ Limits and caveats The Actor checks public internet endpoints. It is not designed for private intranet scanning or endpoints that require your own internal network access. `isValid` is based on observed certificate trust, hostname match, and expiry. A valid certificate does not mean the whole website is secure. This Actor does not replace a full vulnerability scanner, penetration test, SSL Labs report, or certificate authority audit. HSTS and redirect fields can be `null` when the posture check cannot be observed for that endpoint. Certificate-chain detail depends on what the server sends during the TLS handshake. ### โ“ FAQ #### Can I check non-443 HTTPS ports? Yes. Use `host:port`, such as `www.cloudflare.com:8443`, or a full HTTPS URL with a port. #### Does the Actor check URLs or only domains? It accepts both. Full URLs are normalized to the HTTPS host and port for the certificate check. The original `target` is kept in the output so you can join results back to your input list. #### Are bad certificates saved as rows? Yes, when the endpoint serves certificate or TLS data. Expired, self-signed, untrusted, and hostname-mismatched certificates are useful observed results and are saved with issues. #### Do I need cookies, login, or an API key? No. The Actor checks public SSL/TLS endpoints and does not ask for source credentials. ### ๐Ÿ“ Changelog - 0.1: Initial release. ### ๐Ÿ†˜ Support For issues, questions, or feature requests, [file a ticket](https://console.apify.com/actors/maximedupre~ssl-certificate-checker/issues) and I'll fix or implement it in less than 24h ๐Ÿซก ### ๐Ÿ”— Other actors - [Email MX Verifier โ†—](https://apify.com/maximedupre/email-mx-verifier) - Check email syntax, MX records, disposable domains, and delivery risk. - [Sitemap Sniffer โ†—](https://apify.com/maximedupre/sitemap-sniffer) - Find sitemap files, sitemap indexes, and URL inventory data for SEO audits. - [Website URL Crawler โ†—](https://apify.com/maximedupre/website-url-crawler) - Crawl public websites and export discovered links with source-page context. - [Webpage Text Extractor โ†—](https://apify.com/maximedupre/webpage-text-extractor) - Extract clean text, article text, or Markdown from public web pages. - [Font Detector โ†—](https://apify.com/maximedupre/font-detector) - Detect Google Fonts, Adobe Fonts, custom fonts, and CSS font evidence on public pages. **Made with โค๏ธ by Maxime Duprรฉ** # Actor input Schema ## `targets` (type: `array`): Enter domains, URLs, or host:port values to check, one per row. ## `warningThresholdDays` (type: `integer`): Mark certificates with this many days or fewer remaining as expiring soon. ## Actor input object example ```json { "targets": [ "apify.com", "google.com", "youtube.com", "github.com", "microsoft.com", "apple.com", "cloudflare.com", "amazon.com", "wikipedia.org", "linkedin.com", "netflix.com", "stripe.com", "npmjs.com", "nodejs.org", "mozilla.org", "wordpress.org", "shopify.com", "salesforce.com", "zoom.us", "slack.com", "atlassian.com", "gitlab.com", "docker.com", "vercel.com", "netlify.com", "fastly.com", "akamai.com", "digitalocean.com", "heroku.com", "oracle.com", "ibm.com", "intel.com", "amd.com", "nvidia.com", "adobe.com", "figma.com", "notion.so", "dropbox.com", "box.com", "paypal.com", "squareup.com", "coinbase.com", "openai.com", "anthropic.com", "huggingface.co", "reddit.com", "stackoverflow.com", "medium.com", "dev.to", "ycombinator.com", "producthunt.com", "news.ycombinator.com", "bbc.com", "cnn.com", "nytimes.com", "theguardian.com", "reuters.com", "bloomberg.com", "forbes.com", "wsj.com", "time.com", "weather.com", "booking.com", "airbnb.com", "uber.com", "lyft.com", "doordash.com", "instacart.com", "etsy.com", "ebay.com", "walmart.com", "target.com", "bestbuy.com", "homedepot.com", "lowes.com", "costco.com", "ikea.com", "nike.com", "adidas.com", "spotify.com", "soundcloud.com", "twitch.tv", "discord.com", "telegram.org", "signal.org", "whatsapp.com", "facebook.com", "instagram.com", "threads.net", "tiktok.com", "pinterest.com", "snapchat.com", "x.com", "canva.com", "trello.com", "asana.com", "monday.com", "linear.app", "sentry.io", "datadoghq.com", "newrelic.com", "elastic.co", "grafana.com", "mongodb.com", "postgresql.org", "mysql.com", "redis.io", "supabase.com", "firebase.google.com", "expo.dev", "react.dev", "vuejs.org", "svelte.dev", "angular.dev", "vite.dev", "typescriptlang.org", "python.org", "golang.org", "rust-lang.org", "ruby-lang.org", "php.net", "laravel.com", "django-rest-framework.org", "flask.palletsprojects.com", "kubernetes.io", "terraform.io", "hashicorp.com", "ansible.com", "ubuntu.com", "debian.org", "redhat.com", "almalinux.org", "rockylinux.org", "freebsd.org", "nginx.org", "apache.org", "letsencrypt.org", "badssl.com", "ssl.com", "digicert.com", "sectigo.com", "globalsign.com", "godaddy.com", "namecheap.com", "cloudinary.com", "imgix.com", "twilio.com", "sendgrid.com", "mailchimp.com", "intercom.com", "zendesk.com", "hubspot.com", "segment.com", "mixpanel.com", "amplitude.com", "plausible.io", "posthog.com", "duckduckgo.com", "brave.com", "opera.com", "w3.org", "ietf.org", "iana.org", "icann.org", "archive.org", "coursera.org", "edx.org", "khanacademy.org", "duolingo.com", "udemy.com", "pluralsight.com", "codecademy.com", "freecodecamp.org", "mit.edu", "stanford.edu", "harvard.edu", "berkeley.edu", "cmu.edu", "ox.ac.uk", "cam.ac.uk", "nature.com", "science.org", "arxiv.org", "doi.org", "orcid.org", "elsevier.com", "springer.com", "jstor.org", "nih.gov", "cdc.gov", "who.int", "un.org", "worldbank.org", "imf.org", "europa.eu", "gov.uk", "usa.gov", "nasa.gov", "noaa.gov", "ups.com", "fedex.com", "dhl.com", "expedia.com", "tripadvisor.com", "kayak.com", "skyscanner.com", "united.com", "aa.com", "southwest.com", "emirates.com", "marriott.com", "hilton.com", "hyatt.com", "accor.com", "chase.com", "bankofamerica.com", "wellsfargo.com", "capitalone.com", "americanexpress.com", "visa.com", "mastercard.com", "wise.com", "revolut.com", "robinhood.com", "fidelity.com", "vanguard.com", "schwab.com", "blackrock.com", "nasdaq.com", "nyse.com", "sec.gov", "ft.com", "economist.com", "axios.com", "theverge.com", "techcrunch.com", "wired.com", "arstechnica.com", "engadget.com", "cnet.com", "pcmag.com", "tomshardware.com", "android.com", "play.google.com", "apps.apple.com", "office.com", "live.com", "outlook.com", "icloud.com", "proton.me", "fastmail.com", "hey.com", "deepl.com", "grammarly.com", "wolframalpha.com", "perplexity.ai", "claude.ai", "chatgpt.com", "zapier.com", "make.com", "ifttt.com", "airtable.com", "coda.io", "miro.com", "loom.com", "descript.com", "webflow.com", "framer.com", "squarespace.com", "wix.com", "ghost.org", "substack.com", "beehiiv.com", "convertkit.com", "typeform.com", "surveymonkey.com", "qualtrics.com", "calendly.com", "docusign.com", "dropboxsign.com", "1password.com", "bitwarden.com", "lastpass.com", "okta.com", "auth0.com", "duo.com", "crowdstrike.com", "paloaltonetworks.com", "cloudflarestatus.com", "www.cloudflare.com:8443" ], "warningThresholdDays": 30 } ``` # Actor output Schema ## `results` (type: `string`): Open the dataset with one row for each public endpoint where certificate, TLS, or HTTPS posture was observed. # API You can run this Actor programmatically using our API. Below are code examples in JavaScript, Python, and CLI, as well as the OpenAPI specification and MCP server setup. ## JavaScript example ```javascript import { ApifyClient } from 'apify-client'; // Initialize the ApifyClient with your Apify API token // Replace the '' with your token const client = new ApifyClient({ token: '', }); // Prepare Actor input const input = { "targets": [ "apify.com", "google.com", "youtube.com", "github.com", "microsoft.com", "apple.com", "cloudflare.com", "amazon.com", "wikipedia.org", "linkedin.com", "netflix.com", "stripe.com", "npmjs.com", "nodejs.org", "mozilla.org", "wordpress.org", "shopify.com", "salesforce.com", "zoom.us", "slack.com", "atlassian.com", "gitlab.com", "docker.com", "vercel.com", "netlify.com", "fastly.com", "akamai.com", "digitalocean.com", "heroku.com", "oracle.com", "ibm.com", "intel.com", "amd.com", "nvidia.com", "adobe.com", "figma.com", "notion.so", "dropbox.com", "box.com", "paypal.com", "squareup.com", "coinbase.com", "openai.com", "anthropic.com", "huggingface.co", "reddit.com", "stackoverflow.com", "medium.com", "dev.to", "ycombinator.com", "producthunt.com", "news.ycombinator.com", "bbc.com", "cnn.com", "nytimes.com", "theguardian.com", "reuters.com", "bloomberg.com", "forbes.com", "wsj.com", "time.com", "weather.com", "booking.com", "airbnb.com", "uber.com", "lyft.com", "doordash.com", "instacart.com", "etsy.com", "ebay.com", "walmart.com", "target.com", "bestbuy.com", "homedepot.com", "lowes.com", "costco.com", "ikea.com", "nike.com", "adidas.com", "spotify.com", "soundcloud.com", "twitch.tv", "discord.com", "telegram.org", "signal.org", "whatsapp.com", "facebook.com", "instagram.com", "threads.net", "tiktok.com", "pinterest.com", "snapchat.com", "x.com", "canva.com", "trello.com", "asana.com", "monday.com", "linear.app", "sentry.io", "datadoghq.com", "newrelic.com", "elastic.co", "grafana.com", "mongodb.com", "postgresql.org", "mysql.com", "redis.io", "supabase.com", "firebase.google.com", "expo.dev", "react.dev", "vuejs.org", "svelte.dev", "angular.dev", "vite.dev", "typescriptlang.org", "python.org", "golang.org", "rust-lang.org", "ruby-lang.org", "php.net", "laravel.com", "django-rest-framework.org", "flask.palletsprojects.com", "kubernetes.io", "terraform.io", "hashicorp.com", "ansible.com", "ubuntu.com", "debian.org", "redhat.com", "almalinux.org", "rockylinux.org", "freebsd.org", "nginx.org", "apache.org", "letsencrypt.org", "badssl.com", "ssl.com", "digicert.com", "sectigo.com", "globalsign.com", "godaddy.com", "namecheap.com", "cloudinary.com", "imgix.com", "twilio.com", "sendgrid.com", "mailchimp.com", "intercom.com", "zendesk.com", "hubspot.com", "segment.com", "mixpanel.com", "amplitude.com", "plausible.io", "posthog.com", "duckduckgo.com", "brave.com", "opera.com", "w3.org", "ietf.org", "iana.org", "icann.org", "archive.org", "coursera.org", "edx.org", "khanacademy.org", "duolingo.com", "udemy.com", "pluralsight.com", "codecademy.com", "freecodecamp.org", "mit.edu", "stanford.edu", "harvard.edu", "berkeley.edu", "cmu.edu", "ox.ac.uk", "cam.ac.uk", "nature.com", "science.org", "arxiv.org", "doi.org", "orcid.org", "elsevier.com", "springer.com", "jstor.org", "nih.gov", "cdc.gov", "who.int", "un.org", "worldbank.org", "imf.org", "europa.eu", "gov.uk", "usa.gov", "nasa.gov", "noaa.gov", "ups.com", "fedex.com", "dhl.com", "expedia.com", "tripadvisor.com", "kayak.com", "skyscanner.com", "united.com", "aa.com", "southwest.com", "emirates.com", "marriott.com", "hilton.com", "hyatt.com", "accor.com", "chase.com", "bankofamerica.com", "wellsfargo.com", "capitalone.com", "americanexpress.com", "visa.com", "mastercard.com", "wise.com", "revolut.com", "robinhood.com", "fidelity.com", "vanguard.com", "schwab.com", "blackrock.com", "nasdaq.com", "nyse.com", "sec.gov", "ft.com", "economist.com", "axios.com", "theverge.com", "techcrunch.com", "wired.com", "arstechnica.com", "engadget.com", "cnet.com", "pcmag.com", "tomshardware.com", "android.com", "play.google.com", "apps.apple.com", "office.com", "live.com", "outlook.com", "icloud.com", "proton.me", "fastmail.com", "hey.com", "deepl.com", "grammarly.com", "wolframalpha.com", "perplexity.ai", "claude.ai", "chatgpt.com", "zapier.com", "make.com", "ifttt.com", "airtable.com", "coda.io", "miro.com", "loom.com", "descript.com", "webflow.com", "framer.com", "squarespace.com", "wix.com", "ghost.org", "substack.com", "beehiiv.com", "convertkit.com", "typeform.com", "surveymonkey.com", "qualtrics.com", "calendly.com", "docusign.com", "dropboxsign.com", "1password.com", "bitwarden.com", "lastpass.com", "okta.com", "auth0.com", "duo.com", "crowdstrike.com", "paloaltonetworks.com", "cloudflarestatus.com", "www.cloudflare.com:8443" ], "warningThresholdDays": 30 }; // Run the Actor and wait for it to finish const run = await client.actor("maximedupre/ssl-certificate-checker").call(input); // Fetch and print Actor results from the run's dataset (if any) console.log('Results from dataset'); console.log(`๐Ÿ’พ Check your data here: https://console.apify.com/storage/datasets/${run.defaultDatasetId}`); const { items } = await client.dataset(run.defaultDatasetId).listItems(); items.forEach((item) => { console.dir(item); }); // ๐Ÿ“š Want to learn more ๐Ÿ“–? Go to โ†’ https://docs.apify.com/api/client/js/docs ``` ## Python example ```python from apify_client import ApifyClient # Initialize the ApifyClient with your Apify API token # Replace '' with your token. client = ApifyClient("") # Prepare the Actor input run_input = { "targets": [ "apify.com", "google.com", "youtube.com", "github.com", "microsoft.com", "apple.com", "cloudflare.com", "amazon.com", "wikipedia.org", "linkedin.com", "netflix.com", "stripe.com", "npmjs.com", "nodejs.org", "mozilla.org", "wordpress.org", "shopify.com", "salesforce.com", "zoom.us", "slack.com", "atlassian.com", "gitlab.com", "docker.com", "vercel.com", "netlify.com", "fastly.com", "akamai.com", "digitalocean.com", "heroku.com", "oracle.com", "ibm.com", "intel.com", "amd.com", "nvidia.com", "adobe.com", "figma.com", "notion.so", "dropbox.com", "box.com", "paypal.com", "squareup.com", "coinbase.com", "openai.com", "anthropic.com", "huggingface.co", "reddit.com", "stackoverflow.com", "medium.com", "dev.to", "ycombinator.com", "producthunt.com", "news.ycombinator.com", "bbc.com", "cnn.com", "nytimes.com", "theguardian.com", "reuters.com", "bloomberg.com", "forbes.com", "wsj.com", "time.com", "weather.com", "booking.com", "airbnb.com", "uber.com", "lyft.com", "doordash.com", "instacart.com", "etsy.com", "ebay.com", "walmart.com", "target.com", "bestbuy.com", "homedepot.com", "lowes.com", "costco.com", "ikea.com", "nike.com", "adidas.com", "spotify.com", "soundcloud.com", "twitch.tv", "discord.com", "telegram.org", "signal.org", "whatsapp.com", "facebook.com", "instagram.com", "threads.net", "tiktok.com", "pinterest.com", "snapchat.com", "x.com", "canva.com", "trello.com", "asana.com", "monday.com", "linear.app", "sentry.io", "datadoghq.com", "newrelic.com", "elastic.co", "grafana.com", "mongodb.com", "postgresql.org", "mysql.com", "redis.io", "supabase.com", "firebase.google.com", "expo.dev", "react.dev", "vuejs.org", "svelte.dev", "angular.dev", "vite.dev", "typescriptlang.org", "python.org", "golang.org", "rust-lang.org", "ruby-lang.org", "php.net", "laravel.com", "django-rest-framework.org", "flask.palletsprojects.com", "kubernetes.io", "terraform.io", "hashicorp.com", "ansible.com", "ubuntu.com", "debian.org", "redhat.com", "almalinux.org", "rockylinux.org", "freebsd.org", "nginx.org", "apache.org", "letsencrypt.org", "badssl.com", "ssl.com", "digicert.com", "sectigo.com", "globalsign.com", "godaddy.com", "namecheap.com", "cloudinary.com", "imgix.com", "twilio.com", "sendgrid.com", "mailchimp.com", "intercom.com", "zendesk.com", "hubspot.com", "segment.com", "mixpanel.com", "amplitude.com", "plausible.io", "posthog.com", "duckduckgo.com", "brave.com", "opera.com", "w3.org", "ietf.org", "iana.org", "icann.org", "archive.org", "coursera.org", "edx.org", "khanacademy.org", "duolingo.com", "udemy.com", "pluralsight.com", "codecademy.com", "freecodecamp.org", "mit.edu", "stanford.edu", "harvard.edu", "berkeley.edu", "cmu.edu", "ox.ac.uk", "cam.ac.uk", "nature.com", "science.org", "arxiv.org", "doi.org", "orcid.org", "elsevier.com", "springer.com", "jstor.org", "nih.gov", "cdc.gov", "who.int", "un.org", "worldbank.org", "imf.org", "europa.eu", "gov.uk", "usa.gov", "nasa.gov", "noaa.gov", "ups.com", "fedex.com", "dhl.com", "expedia.com", "tripadvisor.com", "kayak.com", "skyscanner.com", "united.com", "aa.com", "southwest.com", "emirates.com", "marriott.com", "hilton.com", "hyatt.com", "accor.com", "chase.com", "bankofamerica.com", "wellsfargo.com", "capitalone.com", "americanexpress.com", "visa.com", "mastercard.com", "wise.com", "revolut.com", "robinhood.com", "fidelity.com", "vanguard.com", "schwab.com", "blackrock.com", "nasdaq.com", "nyse.com", "sec.gov", "ft.com", "economist.com", "axios.com", "theverge.com", "techcrunch.com", "wired.com", "arstechnica.com", "engadget.com", "cnet.com", "pcmag.com", "tomshardware.com", "android.com", "play.google.com", "apps.apple.com", "office.com", "live.com", "outlook.com", "icloud.com", "proton.me", "fastmail.com", "hey.com", "deepl.com", "grammarly.com", "wolframalpha.com", "perplexity.ai", "claude.ai", "chatgpt.com", "zapier.com", "make.com", "ifttt.com", "airtable.com", "coda.io", "miro.com", "loom.com", "descript.com", "webflow.com", "framer.com", "squarespace.com", "wix.com", "ghost.org", "substack.com", "beehiiv.com", "convertkit.com", "typeform.com", "surveymonkey.com", "qualtrics.com", "calendly.com", "docusign.com", "dropboxsign.com", "1password.com", "bitwarden.com", "lastpass.com", "okta.com", "auth0.com", "duo.com", "crowdstrike.com", "paloaltonetworks.com", "cloudflarestatus.com", "www.cloudflare.com:8443", ], "warningThresholdDays": 30, } # Run the Actor and wait for it to finish run = client.actor("maximedupre/ssl-certificate-checker").call(run_input=run_input) # Fetch and print Actor results from the run's dataset (if there are any) print("๐Ÿ’พ Check your data here: https://console.apify.com/storage/datasets/" + run["defaultDatasetId"]) for item in client.dataset(run["defaultDatasetId"]).iterate_items(): print(item) # ๐Ÿ“š Want to learn more ๐Ÿ“–? Go to โ†’ https://docs.apify.com/api/client/python/docs/quick-start ``` ## CLI example ```bash echo '{ "targets": [ "apify.com", "google.com", "youtube.com", "github.com", "microsoft.com", "apple.com", "cloudflare.com", "amazon.com", "wikipedia.org", "linkedin.com", "netflix.com", "stripe.com", "npmjs.com", "nodejs.org", "mozilla.org", "wordpress.org", "shopify.com", "salesforce.com", "zoom.us", "slack.com", "atlassian.com", "gitlab.com", "docker.com", "vercel.com", "netlify.com", "fastly.com", "akamai.com", "digitalocean.com", "heroku.com", "oracle.com", "ibm.com", "intel.com", "amd.com", "nvidia.com", "adobe.com", "figma.com", "notion.so", "dropbox.com", "box.com", "paypal.com", "squareup.com", "coinbase.com", "openai.com", "anthropic.com", "huggingface.co", "reddit.com", "stackoverflow.com", "medium.com", "dev.to", "ycombinator.com", "producthunt.com", "news.ycombinator.com", "bbc.com", "cnn.com", "nytimes.com", "theguardian.com", "reuters.com", "bloomberg.com", "forbes.com", "wsj.com", "time.com", "weather.com", "booking.com", "airbnb.com", "uber.com", "lyft.com", "doordash.com", "instacart.com", "etsy.com", "ebay.com", "walmart.com", "target.com", "bestbuy.com", "homedepot.com", "lowes.com", "costco.com", "ikea.com", "nike.com", "adidas.com", "spotify.com", "soundcloud.com", "twitch.tv", "discord.com", "telegram.org", "signal.org", "whatsapp.com", "facebook.com", "instagram.com", "threads.net", "tiktok.com", "pinterest.com", "snapchat.com", "x.com", "canva.com", "trello.com", "asana.com", "monday.com", "linear.app", "sentry.io", "datadoghq.com", "newrelic.com", "elastic.co", "grafana.com", "mongodb.com", "postgresql.org", "mysql.com", "redis.io", "supabase.com", "firebase.google.com", "expo.dev", "react.dev", "vuejs.org", "svelte.dev", "angular.dev", "vite.dev", "typescriptlang.org", "python.org", "golang.org", "rust-lang.org", "ruby-lang.org", "php.net", "laravel.com", "django-rest-framework.org", "flask.palletsprojects.com", "kubernetes.io", "terraform.io", "hashicorp.com", "ansible.com", "ubuntu.com", "debian.org", "redhat.com", "almalinux.org", "rockylinux.org", "freebsd.org", "nginx.org", "apache.org", "letsencrypt.org", "badssl.com", "ssl.com", "digicert.com", "sectigo.com", "globalsign.com", "godaddy.com", "namecheap.com", "cloudinary.com", "imgix.com", "twilio.com", "sendgrid.com", "mailchimp.com", "intercom.com", "zendesk.com", "hubspot.com", "segment.com", "mixpanel.com", "amplitude.com", "plausible.io", "posthog.com", "duckduckgo.com", "brave.com", "opera.com", "w3.org", "ietf.org", "iana.org", "icann.org", "archive.org", "coursera.org", "edx.org", "khanacademy.org", "duolingo.com", "udemy.com", "pluralsight.com", "codecademy.com", "freecodecamp.org", "mit.edu", "stanford.edu", "harvard.edu", "berkeley.edu", "cmu.edu", "ox.ac.uk", "cam.ac.uk", "nature.com", "science.org", "arxiv.org", "doi.org", "orcid.org", "elsevier.com", "springer.com", "jstor.org", "nih.gov", "cdc.gov", "who.int", "un.org", "worldbank.org", "imf.org", "europa.eu", "gov.uk", "usa.gov", "nasa.gov", "noaa.gov", "ups.com", "fedex.com", "dhl.com", "expedia.com", "tripadvisor.com", "kayak.com", "skyscanner.com", "united.com", "aa.com", "southwest.com", "emirates.com", "marriott.com", "hilton.com", "hyatt.com", "accor.com", "chase.com", "bankofamerica.com", "wellsfargo.com", "capitalone.com", "americanexpress.com", "visa.com", "mastercard.com", "wise.com", "revolut.com", "robinhood.com", "fidelity.com", "vanguard.com", "schwab.com", "blackrock.com", "nasdaq.com", "nyse.com", "sec.gov", "ft.com", "economist.com", "axios.com", "theverge.com", "techcrunch.com", "wired.com", "arstechnica.com", "engadget.com", "cnet.com", "pcmag.com", "tomshardware.com", "android.com", "play.google.com", "apps.apple.com", "office.com", "live.com", "outlook.com", "icloud.com", "proton.me", "fastmail.com", "hey.com", "deepl.com", "grammarly.com", "wolframalpha.com", "perplexity.ai", "claude.ai", "chatgpt.com", "zapier.com", "make.com", "ifttt.com", "airtable.com", "coda.io", "miro.com", "loom.com", "descript.com", "webflow.com", "framer.com", "squarespace.com", "wix.com", "ghost.org", "substack.com", "beehiiv.com", "convertkit.com", "typeform.com", "surveymonkey.com", "qualtrics.com", "calendly.com", "docusign.com", "dropboxsign.com", "1password.com", "bitwarden.com", "lastpass.com", "okta.com", "auth0.com", "duo.com", "crowdstrike.com", "paloaltonetworks.com", "cloudflarestatus.com", "www.cloudflare.com:8443" ], "warningThresholdDays": 30 }' | apify call maximedupre/ssl-certificate-checker --silent --output-dataset ``` ## MCP server setup ```json { "mcpServers": { "apify": { "command": "npx", "args": [ "mcp-remote", "https://mcp.apify.com/?tools=maximedupre/ssl-certificate-checker", "--header", "Authorization: Bearer " ] } } } ``` ## OpenAPI specification ```json { "openapi": "3.0.1", "info": { "title": "SSL Certificate Checker", "description": "Check SSL/TLS certificates for public domains, URLs, and host:port endpoints. Export expiry, trust, hostname match, issuer, SANs, chain, TLS, cipher, HSTS, HTTPS redirect, and issue data.", "version": "0.1", "x-build-id": "na1X91MvtV5n6wpD8" }, "servers": [ { "url": "https://api.apify.com/v2" } ], "paths": { "/acts/maximedupre~ssl-certificate-checker/run-sync-get-dataset-items": { "post": { "operationId": "run-sync-get-dataset-items-maximedupre-ssl-certificate-checker", "x-openai-isConsequential": false, "summary": "Executes an Actor, waits for its completion, and returns Actor's dataset items in response.", "tags": [ "Run Actor" ], "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/inputSchema" } } } }, "parameters": [ { "name": "token", "in": "query", "required": true, "schema": { "type": "string" }, "description": "Enter your Apify token here" } ], "responses": { "200": { "description": "OK" } } } }, "/acts/maximedupre~ssl-certificate-checker/runs": { "post": { "operationId": "runs-sync-maximedupre-ssl-certificate-checker", "x-openai-isConsequential": false, "summary": "Executes an Actor and returns information about the initiated run in response.", "tags": [ "Run Actor" ], "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/inputSchema" } } } }, "parameters": [ { "name": "token", "in": "query", "required": true, "schema": { "type": "string" }, "description": "Enter your Apify token here" } ], "responses": { "200": { "description": "OK", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/runsResponseSchema" } } } } } } }, "/acts/maximedupre~ssl-certificate-checker/run-sync": { "post": { "operationId": "run-sync-maximedupre-ssl-certificate-checker", "x-openai-isConsequential": false, "summary": "Executes an Actor, waits for completion, and returns the OUTPUT from Key-value store in response.", "tags": [ "Run Actor" ], "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/inputSchema" } } } }, "parameters": [ { "name": "token", "in": "query", "required": true, "schema": { "type": "string" }, "description": "Enter your Apify token here" } ], "responses": { "200": { "description": "OK" } } } } }, "components": { "schemas": { "inputSchema": { "type": "object", "required": [ "targets" ], "properties": { "targets": { "title": "Public HTTPS endpoints", "minItems": 1, "uniqueItems": true, "type": "array", "description": "Enter domains, URLs, or host:port values to check, one per row.", "items": { "type": "string", "minLength": 1, "maxLength": 2048 } }, "warningThresholdDays": { "title": "Renewal warning threshold", "minimum": 0, "maximum": 3650, "type": "integer", "description": "Mark certificates with this many days or fewer remaining as expiring soon.", "default": 30 } } }, "runsResponseSchema": { "type": "object", "properties": { "data": { "type": "object", "properties": { "id": { "type": "string" }, "actId": { "type": "string" }, "userId": { "type": "string" }, "startedAt": { "type": "string", "format": "date-time", "example": "2025-01-08T00:00:00.000Z" }, "finishedAt": { "type": "string", "format": "date-time", "example": "2025-01-08T00:00:00.000Z" }, "status": { "type": "string", "example": "READY" }, "meta": { "type": "object", "properties": { "origin": { "type": "string", "example": "API" }, "userAgent": { "type": "string" } } }, "stats": { "type": "object", "properties": { "inputBodyLen": { "type": "integer", "example": 2000 }, "rebootCount": { "type": "integer", "example": 0 }, "restartCount": { "type": "integer", "example": 0 }, "resurrectCount": { "type": "integer", "example": 0 }, "computeUnits": { "type": "integer", "example": 0 } } }, "options": { "type": "object", "properties": { "build": { "type": "string", "example": "latest" }, "timeoutSecs": { "type": "integer", "example": 300 }, "memoryMbytes": { "type": "integer", "example": 1024 }, "diskMbytes": { "type": "integer", "example": 2048 } } }, "buildId": { "type": "string" }, "defaultKeyValueStoreId": { "type": "string" }, "defaultDatasetId": { "type": "string" }, "defaultRequestQueueId": { "type": "string" }, "buildNumber": { "type": "string", "example": "1.0.0" }, "containerUrl": { "type": "string" }, "usage": { "type": "object", "properties": { "ACTOR_COMPUTE_UNITS": { "type": "integer", "example": 0 }, "DATASET_READS": { "type": "integer", "example": 0 }, "DATASET_WRITES": { "type": "integer", "example": 0 }, "KEY_VALUE_STORE_READS": { "type": "integer", "example": 0 }, "KEY_VALUE_STORE_WRITES": { "type": "integer", "example": 1 }, "KEY_VALUE_STORE_LISTS": { "type": "integer", "example": 0 }, "REQUEST_QUEUE_READS": { "type": "integer", "example": 0 }, "REQUEST_QUEUE_WRITES": { "type": "integer", "example": 0 }, "DATA_TRANSFER_INTERNAL_GBYTES": { "type": "integer", "example": 0 }, "DATA_TRANSFER_EXTERNAL_GBYTES": { "type": "integer", "example": 0 }, "PROXY_RESIDENTIAL_TRANSFER_GBYTES": { "type": "integer", "example": 0 }, "PROXY_SERPS": { "type": "integer", "example": 0 } } }, "usageTotalUsd": { "type": "number", "example": 0.00005 }, "usageUsd": { "type": "object", "properties": { "ACTOR_COMPUTE_UNITS": { "type": "integer", "example": 0 }, "DATASET_READS": { "type": "integer", "example": 0 }, "DATASET_WRITES": { "type": "integer", "example": 0 }, "KEY_VALUE_STORE_READS": { "type": "integer", "example": 0 }, "KEY_VALUE_STORE_WRITES": { "type": "number", "example": 0.00005 }, "KEY_VALUE_STORE_LISTS": { "type": "integer", "example": 0 }, "REQUEST_QUEUE_READS": { "type": "integer", "example": 0 }, "REQUEST_QUEUE_WRITES": { "type": "integer", "example": 0 }, "DATA_TRANSFER_INTERNAL_GBYTES": { "type": "integer", "example": 0 }, "DATA_TRANSFER_EXTERNAL_GBYTES": { "type": "integer", "example": 0 }, "PROXY_RESIDENTIAL_TRANSFER_GBYTES": { "type": "integer", "example": 0 }, "PROXY_SERPS": { "type": "integer", "example": 0 } } } } } } } } } } ```