Who issued it, which domains it covers, when it dies — decode certificates, CSRs and chains free in your browser, nothing uploaded.
Paste a PEM X.509 certificate to decode every field in your browser — subject, issuer, SANs, validity with days-left, key type and size, key usage, fingerprints and Certificate Transparency SCTs. Nothing is uploaded.
Decode a PKCS#10 certificate signing request in your browser: subject DN, requested SANs, public key type and size, signature algorithm and attributes — verify a CSR before you send it to a CA.
Paste a fullchain.pem with several certificates to see the chain order, each subject → issuer link, key types and expiry — and catch broken or wrongly-ordered chains before they hit production.
Paste one or more PEM certificates and instantly see the days remaining on each, with expired / expiring-soon warnings — audit a folder of certs without openssl or uploading anything.
Compute the SHA-256, SHA-1 and SHA-384 fingerprints of any PEM certificate plus its SPKI pin (pin-sha256 for HPKP / certificate pinning) — all in the browser via WebCrypto.
Decode a TLS cipher suite by hex code (0x1301, 0xC02F) or name: key exchange, authentication, encryption, MAC, TLS version, forward secrecy and a security verdict — with search across the common suite list.
Paste an OpenSSH public key (authorized_keys line) to get its SHA256 fingerprint, key type, size or curve and comment — verify host keys and GitHub deploy keys without ssh-keygen.
Every tool on ToolJolt is free, runs in your browser and needs no sign-up.