| Field | Value | Copy |
|---|---|---|
| {{ row[0] }} | {{ row[1] }} | |
| Nothing to show yet. | ||
Digital certificates are structured identity documents for secure connections. They state who a public key belongs to and when that statement is valid. This page reads a certificate and turns it into clear facts so you can check identity and expiry without guesswork.
You provide a certificate as pasted text or a file and then choose a result view. The summary shows the common name for the subject and issuer, the serial number, the not before and not after dates, and the days remaining. Many teams search for a simple certificate converter that explains these details without noise.
When a certificate arrives in a different encoding you can convert it for another system with the same content. Pick PEM or DER and set the line wrap for PEM if you need to match a house style. You can also copy a compact JSON snapshot or download a CSV for quick notes.
Use realistic samples and confirm results with a second source when the stakes are high. Format validity does not prove that a certificate is trusted or active.
X.509 certificates are signed data structures that bind an identity to a public key for a stated period. The engine extracts the Common Name (CN) for the subject and issuer, the serial number in hexadecimal, and the validity window named Not Before and Not After.
From those dates it computes a countdown that is easy to read. The days remaining value is the whole day count from now to the Not After moment with rounding up, so a half day remaining reports one day.
| Symbol | Meaning | Unit/Datatype | Source |
|---|---|---|---|
| tnow | Current timestamp when parsed | ms since epoch | Derived |
| tna | Not After timestamp | ms since epoch | Parsed |
| d | Days remaining | integer day(s) | Derived |
| Δt | Time difference (tna − tnow) | ms | Derived |
tnow is 2025‑10‑14 10:00:00 and tna is 2025‑10‑14 10:30:00 (UTC). The difference is 1 800 000 ms.
Dates are shown in Coordinated Universal Time with second precision. A negative value means the Not After moment is already in the past.
| Parameter | Meaning | Unit/Datatype | Typical Range | Notes |
|---|---|---|---|---|
| outputFormat | Target format selection | enum | info, pem, der | Info shows fields; PEM and DER emit encoded output. |
| pemWrap | Line width for PEM body | integer | 16 to any | Neutral default 64 characters per line. |
| strictB64 | Reject non‑Base64 characters when decoding | boolean | false or true | When off, non‑alphabet noise is stripped before decoding. |
| Field | Type | Min | Max | Step/Pattern | Error Text | Placeholder |
|---|---|---|---|---|---|---|
| Input text | string | — | — | PEM markers, or Base64 letters with length multiple of 4; otherwise treated as binary | Strict parsing error; Parse or conversion error | Paste PEM, base64, or raw… |
| Output format | enum | — | — | info / pem / der | — | — |
| PEM wrap | number | 16 | — | step 1 | — | — |
| Strict Base64 | boolean | 0 | 1 | Reject any non‑alphabet characters when on | Strict parsing error | — |
| PEM chain handling | notice | — | — | If multiple blocks are present, only the first is parsed | — | — |
| Input | Accepted Families | Output | Encoding/Precision | Rounding |
|---|---|---|---|---|
| Paste | PEM block, Base64 body, raw binary string | Info table, JSON, PEM, DER | PEM wrap width configurable; DER download as octet‑stream | Days rounded up to integer |
| Upload / drop | .pem, .crt, .cer, .der, .txt | Same as above | Binary files read as bytes; text files read as text | Days rounded up to integer |
All parsing and conversion occur in your browser. No data is transmitted or stored server‑side.
Processing is linear in input size. Large byte arrays are chunked when rendering to text to keep the interface responsive.
Given the same input and settings, outputs are identical. Errors report as strict parsing errors or generic parse and conversion errors.
CERTIFICATE for emitted blocks.No data is transmitted or stored server‑side. Outputs are for engineering checks and do not constitute security approval.
Certificate inspection and format conversion in a few steps.
Example. Paste a server certificate in PEM, pick DER, and download the certificate.der file for a system that accepts binary only.
You now have a readable summary and a correctly encoded file ready for use.
No. Parsing and conversion happen in your browser and nothing is sent to a server or kept after the page is closed.
Use non‑sensitive samples whenever possible.Subject CN, Issuer CN, Serial (hex), Not Before, Not After, and Days remaining. A detected chain length is noted when present.
It rounds up to whole days using your device clock and UTC timestamps. Values near zero can flip as time passes or if the device time is off.
PEM and DER. Base64 bodies are accepted and decoded. For multi‑block PEM input, only the first item is parsed and displayed.
Yes, after the page loads. All work is performed locally without network calls during parsing or conversion.
DER is binary. Use the download action to save a proper file; the text view is a raw byte rendering for completeness.
This tool inspects certificates. It does not parse or validate CSRs. Use a dedicated CSR utility for that workflow.
Availability and licensing are determined by the host application. This description does not set pricing or usage terms.