Yes, example.com has a valid SSL certificate issued by Cloudflare TLS Issuing ECC CA 3. It expires on May 14, 2026, giving 61 days remaining.
This tool connects directly to your server via a TLS handshake — the same process a browser uses. It extracts the certificate's notAfter date and calculates days remaining. You should renew at least 30 days before expiry. Certificates from Let's Encrypt are free and auto-renew every 90 days.
A certificate chain is a sequence of certificates, each signed by the one above it. Your domain's certificate is signed by an intermediate CA, which is signed by a root CA trusted by browsers. If any link in the chain is missing or invalid, browsers will show a security warning.
SSL (Secure Sockets Layer) was the original protocol, but it has been deprecated due to security vulnerabilities. TLS (Transport Layer Security) is the modern replacement. The term "SSL certificate" is commonly used even though TLS is the actual protocol in use today.
Common causes include: an incomplete certificate chain (missing intermediate certificates), the certificate not matching the domain (check Subject Alternative Names), the server clock being out of sync, or a caching layer still serving the old certificate. Use the re-check button to get the latest live data.