The Certificate tab is available at /certificate/<domain>.
StatsDen connects to the exact hostname on port 443 and uses that same
hostname for SNI. You can include a custom port after the hostname, such as
example.com:8443, to inspect the TLS certificate served on
that port.
Custom ports
Use hostname:port to inspect TLS on a non-standard service
port. For example, example.com:8443 connects to port
8443, while the hostname example.com is still
used for SNI and certificate validation.
If no port is provided, StatsDen uses port 443. The supplied
port applies only to the HTTP Headers and Certificate tabs; DNS Records,
DNS Propagation, and WHOIS/RDAP use the hostname without the port.
Connection details
The page shows the connected IP address, resolved public IPs, validation status, TLS version, cipher, ALPN protocol, and certificate-chain source.
Certificate details
For each certificate in the chain, StatsDen displays subject and issuer data, validity dates, serial number, public key details, signature algorithm, fingerprints, and subject alternative names.
Invalid certificates
When a server presents an invalid certificate, StatsDen still shows the available server-provided chain with a validation warning when possible.
Access and safety
TLS Certificates are available to logged-in users. Destinations resolving to non-public IP addresses are rejected.