TLS certificate validation
Inspect certificate validity, issuer, expiry, SANs, and TLS version. Connects server-side to port 443 -- expired and self-signed certs included.
Enter a domain (e.g. github.com). The check runs server-side on port 443.
SAVR analyzes publicly accessible certificate metadata only. No intrusive scanning is performed.
Server-side check — The request originates from our server. Certificate data is not stored. "Untrusted" means the certificate chain is not signed by a publicly trusted CA -- the cert may still be valid for internal use.