Inspect any website's SSL/TLS certificate, check expiration dates, view cipher suites, and verify the complete certificate chain. All from your iPhone.
Download Free on the App StoreSSL Inspector and all 19 tools are free. No ads, no account required.
PingKit connects to any server over TLS and retrieves the full certificate details. You see the issuer, subject, validity period, serial number, signature algorithm, subject alternative names, and the negotiated TLS version and cipher suite. The complete certificate chain is displayed so you can verify that intermediate certificates are correctly configured.
View the full X.509 certificate including issuer, subject, SANs, serial number, signature algorithm, and key size. Everything you'd see in a browser's certificate viewer, but faster to access.
See the exact expiration date and days remaining for any certificate. Catch expiring certificates before they cause downtime and browser security warnings for your users.
Check which TLS version and cipher suite the server negotiates. Identify servers still using deprecated TLS 1.0/1.1 or weak cipher suites that pose security risks.
Inspect the entire certificate chain from leaf to root. A missing intermediate certificate is one of the most common SSL configuration errors, and PingKit makes it immediately visible.
Managing websites means managing certificates. Whether you use Let's Encrypt with 90-day certificates, a commercial CA with annual renewals, or a CDN that handles certificates automatically, you need to verify that the right certificate is being served. PingKit lets you check any domain instantly without opening a browser, navigating to the site, and clicking through the certificate viewer.
Weak TLS configurations are a common security finding. PingKit shows you the negotiated TLS version and cipher suite so you can identify servers still supporting deprecated protocols. If a server negotiates TLS 1.0 or uses a cipher suite with known vulnerabilities, you'll see it immediately. This makes quick security spot-checks possible from anywhere.
When users report certificate errors, you need to see exactly what the server is presenting. Is it serving the wrong certificate? Is an intermediate missing? Has the certificate expired? Is the subject alternative name list correct? PingKit answers all of these questions without needing access to the server itself. Connect from your phone and inspect what the server sends.
After renewing a certificate, you need to confirm the new one is actually being served. Check the serial number and expiry date to verify the renewal was deployed correctly. This is especially important with auto-renewal systems like Let's Encrypt or ACME, where deployment can silently fail while the renewal itself succeeds.
SSL Inspector is part of PingKit's broader security and infrastructure toolkit. Pair it with Port Scanner to check which services are exposed on a server, DNS Lookup to verify domain configuration, and WHOIS to check domain registration details. Together, these tools give you a complete picture of any domain's configuration and security posture, all from your iPhone with no command line required.
Download PingKit free and check SSL certificates from your iPhone.
Download Free on the App StoreRequires iOS 17.0 or later.