Skip to main content

learn.howToCalculate

learn.whatIsHeading

The SSL Certificate Expiry Calculator computes days remaining until an SSL/TLS certificate expires, identifies urgent renewal needs, and calculates renewal reminder dates based on your preferred lead time (default 30 days). SSL/TLS certificates secure HTTPS connections by encrypting data and verifying server identity. Expired certificates cause browser security warnings, broken HTTPS, and erode user trust — making expiry tracking essential for any site or API.

Fórmula

Days Until Expiry = (Expiry Date − Today) / 86,400,000 ms per day; Renewal Reminder = Expiry Date − Reminder Days
exp
Expiry Date (date) — Certificate notAfter timestamp
iss
Issued Date (date) — Certificate notBefore timestamp

Guía paso a paso

  1. 1Enter the certificate expiration date (visible in browser by clicking the padlock icon)
  2. 2Optionally enter the issued date for total validity period and percent-of-life-used calculation
  3. 3Set your reminder lead time in days (30 default; some teams use 14 or 60)
  4. 4Calculator computes days until expiry and renewal reminder date
  5. 5Status: HEALTHY (>30 days), RENEW SOON (within reminder threshold), URGENT (<7 days), EXPIRED (negative days)
  6. 6Pull total certificate validity from issued + expiry dates if both provided
  7. 7Visual bar compares days left to your reminder threshold

Ejemplos resueltos

Entrada
90 days until expiry, 30-day reminder
Resultado
Healthy, 90 days remaining, renew on day-60 from today
Entrada
15 days until expiry
Resultado
RENEW SOON status — within 30-day reminder window
Entrada
Expired 5 days ago
Resultado
EXPIRED status — renew immediately, HTTPS broken on production

Errores comunes a evitar

  • Manually tracking expiration without automated alerts — most outages from expired certs happen because nobody was watching
  • Ignoring intermediate certificates — full chain must be valid, not just the leaf cert
  • Not testing renewal in advance — Let's Encrypt renewals can fail silently due to ACME challenge issues
  • Forgetting wildcard cert renewals affect all subdomains simultaneously

Preguntas frecuentes

How long are SSL certificates valid?

Public CA certificates max 397 days (since Sep 2020). Let's Encrypt issues 90-day certs. Internal CAs can issue longer (some 10+ years). Browser enforced limits prevent certs over 398 days from being trusted.

What happens when a cert expires?

Browsers show security warnings (NET::ERR_CERT_DATE_INVALID), block connections, and damage SEO. API clients reject the connection unless they disable verification (security risk).

Should I automate renewal?

Yes — use certbot/acme.sh for Let's Encrypt, or your cloud provider's certificate manager (AWS ACM, Azure App Service Certificates). Manual renewal is the #1 cause of expiration outages.

learn.ctaText

Pruébalo tú mismo →

Configuración

PrivacidadTérminosAcerca de© 2026 PrimeCalcPro