Decode PEM or DER cert to human-readable fields. Free SSL certificate decoder.
The SSL Certificate Decoder accepts a certificate in PEM or DER format and displays all fields in human-readable form. Paste a PEM block (-----BEGIN CERTIFICATE----- ... -----END CERTIFICATE-----) or upload a DER/binary file, and the tool shows subject, issuer, validity dates, serial number, key algorithm and size, extensions (SANs, key usage, basic constraints, etc.), and signature. Use it to inspect a certificate you received, verify what was actually installed on a server after decoding the cert from a TLS connection, or debug certificate-related errors. It does not validate the chain or revocation; it only parses and displays the contents. Helpful for developers and admins who need to confirm SANs, expiry, or issuer without using OpenSSL command line.
DER is binary; PEM is base64-encoded DER with header/footer lines. Most tools and configs use PEM.
Paste each certificate in the chain separately, or use a tool that accepts multiple PEM blocks and decodes each.
No. Decoding only shows the cert contents. Use an OCSP checker or CRL to verify revocation status.
Subject Alternative Names: the list of domain names the certificate is valid for. Shown in the extensions section.
If the decoder runs client-side, the cert never leaves your device. Verify the tool's implementation for privacy.